tech-debt-report
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill attempts to install the Python package 'vulture' at runtime using `pip install vulture 2>/dev/null` in section 2f (Dead Code Debt). Installing unpinned dependencies from external registries at runtime is a supply chain risk.
- [CREDENTIALS_UNSAFE]: Section 2g (Configuration & Infrastructure Debt) contains a command specifically designed to find and output hardcoded secrets: `grep -rn "password.*=.*['\"].\+['\"]\|api_key.*=.*['\"].\+['\"]\|secret.*=.*['\"].\+['\"]"`. While the intention is to identify security debt, the execution may cause the agent to reveal actual credential values in the final report file or logs.
- [COMMAND_EXECUTION]: The skill executes various development tools and test runners including `npm outdated`, `npm audit`, `jest`, `pytest`, `go test`, and `vulture`. Running test suites can trigger the execution of arbitrary code contained within the project's test files.
- [COMMAND_EXECUTION]: The skill uses `python3 -c` several times to execute dynamic Python strings for parsing JSON output from other commands (e.g., parsing `npm audit` results and `package.json`). While the provided code is for local parsing, this pattern of dynamic execution is noteworthy.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It performs bulk reads of project source files (`find . -exec cat {} +`) and processes them without sanitization or boundary markers. A malicious actor could embed instructions inside a code comment that the agent might inadvertently follow while performing the scan.
  - Ingestion points: Reads all source files (`.ts`, `.js`, `.py`, `.go`, etc.) and project configuration files (`package.json`, `Dockerfile`, etc.).
  - Boundary markers: None present; the content is passed directly to analysis tools like grep and awk.
  - Capability inventory: The skill has Bash execution, file-writing capabilities (to the `project-decisions/` folder), and broad file-read access.
  - Sanitization: No sanitization is performed on the content read from the files before it is processed or included in the report.
Audit Metadata