security-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of active security testing tools such as nmap for port scanning and network enumeration, and sqlmap for automated exploitation of SQL injection vulnerabilities.
- [DATA_EXFILTRATION]: The skill includes instructions for identifying and collecting sensitive local information, such as searching home directories for hardcoded credentials and reviewing shell command history files (.bash_history).
- [EXTERNAL_DOWNLOADS]: The skill provides commands to install various security scanners and analysis tools, including semgrep, bandit, trivy, and gitleaks, from standard package registries and official repositories.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to analyze untrusted external content (source code, project files) while having access to high-privilege tools.
  - Ingestion points: The skill uses Read, Grep, and Glob tools to ingest content from arbitrary project files during security audits.
  - Boundary markers: There are no explicit instructions or delimiters defined to separate untrusted file content from the agent's core instructions.
  - Capability inventory: The skill utilizes the Bash tool for executing shell commands, providing a powerful capability for an injected instruction to exploit.
  - Sanitization: No input validation or sanitization logic is specified for the external data being analyzed.
Audit Metadata