bash-defensive-patterns — agentic threat model

AIVSS 4.2 · Medium

This agent skill acts as a defensive code-generation template to prevent shell injection and execution failures, presenting low direct agentic risk as it lacks autonomous execution capabilities or persistent state.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 4.3 · AARS uplift 0.41 · Factor sum 0.8/10 · Threat ×0.9 · Mitigation ×0.9

Autonomy of Action: 0.00
Goal-Driven Planning: 0.00
Self-Modification: 0.00
Dynamic Tool Use: 0.10
Persistent Memory: 0.00
Contextual Awareness: 0.20
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.30
Opacity & Reflexivity: 0.20

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models ⚠ not certain from listing

Not certain from the listing — The underlying foundation model is not specified. However, the skill is susceptible to prompt injection or model alignment issues that could cause it to output flawed or intentionally vulnerable shell patterns instead of defensive ones.

L2 · Data Operations ⚠ not certain from listing

Not certain from the listing — There is no mention of a vector database or RAG pipeline. If the defensive patterns are stored in a static knowledge base, poisoning that data source would result in the generation of insecure shell scripts.

L3 · Agent Frameworks ✓ mapped

The skill integrates directly into an agent's orchestration framework to shape tool-calling and command generation. The primary threat is framework-level bypass where an agent ignores these defensive patterns during execution.

L4 · Deployment & Infrastructure ⚠ not certain from listing

Not certain from the listing — The hosting environment for the agent executing these shell commands is unspecified. If the generated commands are executed without strict container sandboxing, it poses a high risk of host compromise.

L5 · Evaluation & Observability ⚠ not certain from listing

Not certain from the listing — There are no built-in observability or evaluation guardrails mentioned to verify that the generated shell commands actually adhere to the defensive patterns before execution.

L6 · Security & Compliance (cross-cutting) ⚠ not certain from listing

Not certain from the listing — No identity, authorization, or compliance policies are defined in this open-source skill listing to restrict who can generate or execute these shell patterns.

L7 · Agent Ecosystem ✓ mapped

Because this is an open-source 'Agent Skill' directory listing, the primary ecosystem risk is the distribution of compromised or backdoored versions of the skill package that silently inject malicious payloads into generated scripts.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).