production-ready
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): Multiple instances of unverified remote code execution are present in the documentation and scripts (e.g., in `scripts/README.md` and `scripts/generate-sbom.sh`). These instructions use the `curl | sh` pattern to fetch and execute scripts from repositories (anchore, gitleaks, trufflesecurity) that are not on the trusted organization list, creating a significant supply chain vulnerability.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill's installation instructions and fallback mechanisms rely on downloading scripts from `raw.githubusercontent.com` without integrity checks or source verification, maintaining high severity as the sources are not trusted.
- [COMMAND_EXECUTION] (LOW): The scripts execute a wide variety of system commands (grep, find, npm, pip-audit, etc.) to perform audits. While consistent with the skill's purpose, this behavior represents a large local attack surface.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection by processing untrusted project files.
  - Ingestion points: `scripts/audit-dependencies.sh` and `scripts/check-config.sh` read local project configuration files like `package.json` and `requirements.txt`.
  - Boundary markers: Absent; data is read and passed directly to audit tools.
  - Capability inventory: Shell command execution and file writing (SBOM reports).
  - Sanitization: Absent; no escaping or filtering of external file content before processing.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh, https://raw.githubusercontent.com/gitleaks/gitleaks/main/scripts/install.sh, https://raw.githubusercontent.com/anchore/syft/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats