odoo-security
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. \n- Ingestion points: The skill reads and processes Python source code, XML security definitions, and CSV access control files from user-specified Odoo module directories (e.g., in scripts/access_checker.py and scripts/route_auditor.py). \n- Boundary markers: Absent. The skill instructions in SKILL.md do not include explicit delimiters or warnings to the agent to disregard instructions potentially embedded within the analyzed codebases. \n- Capability inventory: The skill is granted 'Bash', 'Write', and 'Edit' permissions, allowing the agent to execute shell commands (orchestrating the audit scripts) and modify files based on the output of the analysis. \n- Sanitization: The provided scripts use the Python 'ast' (Abstract Syntax Tree) module and regular expressions to parse file content. While this prevents direct command injection into the scripts themselves, the interpreted results could still be used to influence the agent's logic if the analyzed code contains adversarial patterns. \n- [COMMAND_EXECUTION]: Local Script Execution and Subprocess Management. \n- The skill uses the 'Bash' tool to execute a suite of Python security auditors included in the package (scripts/security_auditor.py, scripts/access_checker.py, scripts/route_auditor.py, and scripts/sudo_finder.py). \n- The orchestration script (scripts/security_auditor.py) utilizes subprocess.run to manage the execution of these sub-auditors, passing user-provided file paths as command-line arguments.
Audit Metadata