CMS Platform Detection

Name: plugin-cms-toolkit/cms-detect
Author: twofoldtech-dakota

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

The skill allows arbitrary command execution via Bash

ThreatsCI SM CS BC S HITL

incomplete

Behavior Analysis

Description verified — behavior matches claim

Claims to do

CMS Platform Detection: You are a CMS detection specialist. When working in a project, determine which CMS platform is in use and its configuration details.

Actually does

This skill uses `Read`, `Grep`, and `Glob` to scan local project files such as `.csproj`, `sitecore.json`, `appsettings.json`, `module.config`, and specific directories. It identifies the CMS (Sitecore, Umbraco, or Optimizely) and its configuration by looking for specific files, NuGet package references, and configuration strings within these files. It does not contact any external URLs or execute arbitrary `Bash` commands beyond file system operations.

Threat Analysis

AI Agent Traps ↗Scanned 4/14/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Nametwofoldtech-dakota/plugin-cms-toolkit/cms-detect

Registrygithub

Version27fbabdd4251

PURLpkg:github/twofoldtech-dakota/plugin-cms-toolkit@27fbabdd4251?skill=cms-detect

Stars1

Source

Repository ↗SKILL.md ↗

SHA-2561b00e87f4861...

SHA-1d9cd14d5d4a7...

MD507079e257ccd...

TLSHc061a7376049...

Size3,220 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/twofoldtech-dakota/plugin-cms-toolkit/tree/main/skills/cms-detect

Claude CodeDocs

/plugin marketplace add twofoldtech-dakota/plugin-cms-toolkit

/plugin install cms-detect@twofoldtech-dakota/plugin-cms-toolkit

Skills.shDocs

npx skills add https://github.com/twofoldtech-dakota/plugin-cms-toolkit --skill cms-detect

Assessments (1)

AI Agent Traps ↗

Arbitrary Command Execution via Bashcriticalcommand execution

The skill explicitly allows the 'Bash' tool, enabling arbitrary command execution. This poses a critical risk for data exfiltration, system modification, and other malicious activities if the agent is compromised or instructed to misuse this capability.

100% confidenceline 5

allowed-tools: Read, Grep, Glob, Bash

Broad File System Access for Reconnaissancehighreconnaissance

The combination of 'Read', 'Grep', 'Glob', and 'Bash' grants broad access to the file system. While intended for CMS detection, these tools can be misused to enumerate sensitive files, configurations, and system information beyond the project scope.

100% confidenceline 5

allowed-tools: Read, Grep, Glob, Bash

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/twofoldtech-dakota/plugin-cms-toolkit/cms-detect.svg)](https://mondoo.com/ai-agent-security/skills/github/twofoldtech-dakota/plugin-cms-toolkit/cms-detect)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/twofoldtech-dakota/plugin-cms-toolkit/cms-detect"><img src="https://mondoo.com/ai-agent-security/api/badge/github/twofoldtech-dakota/plugin-cms-toolkit/cms-detect.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/twofoldtech-dakota/plugin-cms-toolkit/cms-detect.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow