vulnerability-scanning

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The Node.js implementation in nodejs-vulnerability-scanner.md utilizes child_process.exec to run several security utilities including npm audit, eslint, hadolint, and trufflehog on the local project directory to identify vulnerabilities and exposed secrets.
  • [COMMAND_EXECUTION]: The Python implementation in python-owasp-scanner.md uses subprocess.run to invoke security scanners such as safety, bandit, and trivy for dependency and container image analysis.
  • [EXTERNAL_DOWNLOADS]: The skill references and integrates with well-known security services (Snyk, Aqua Security, OWASP) via GitHub Actions and uses npx to fetch security plugins, involving network requests to trusted official repositories like npmjs.com and GitHub.
  • [SAFE]: No evidence of prompt injection, unauthorized credential exfiltration, or code obfuscation was detected. All commands and tool invocations are consistent with the skill's primary purpose of infrastructure and application security monitoring.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 01:51 AM