analyze_pkgbuild_safety
Analyze PKGBUILD files for security risks including dangerous commands, obfuscated code, suspicious network activity, and malware. Provides risk assessment and detailed findings to help audit AUR packages before installation.
Instructions
Analyze PKGBUILD content for security issues and dangerous patterns. Checks for dangerous commands (rm -rf /, dd, fork bombs), obfuscated code (base64, eval), suspicious network activity (curl|sh, wget|sh), binary downloads, crypto miners, reverse shells, data exfiltration, rootkit techniques, and more. Returns risk score (0-100) and detailed findings. Use this tool to manually audit AUR packages before installation.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| pkgbuild_content | Yes | Raw PKGBUILD content to analyze |
Input Schema (JSON Schema)
{
"properties": {
"pkgbuild_content": {
"description": "Raw PKGBUILD content to analyze",
"type": "string"
}
},
"required": [
"pkgbuild_content"
],
"type": "object"
}