deepsec-vulnerability-scanner

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for project initialization, dependency installation, and executing the scanner's core functions such as scanning, processing, and exporting findings.
  • [EXTERNAL_DOWNLOADS]: The skill initiates the download and installation of the 'deepsec' package and its associated dependencies from the NPM registry.
  • [DATA_EXFILTRATION]: In distributed mode, the skill packages and uploads the local project source code to Vercel Sandbox microVMs. This data transfer is a functional requirement for remote processing on Vercel's infrastructure.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core function of reading and analyzing potentially untrusted source code.
    * Ingestion points: Project source files, custom matcher patterns, and tool-generated files like 'SETUP.md' and 'INFO.md'.
    * Boundary markers: The instructions do not define specific delimiters or guardrails to prevent the AI from executing instructions potentially embedded within the analyzed code.
    * Capability inventory: The environment provides shell access, file system interaction, and network connectivity to AI service providers.
    * Sanitization: No explicit sanitization or filtering of codebase content is mentioned before it is processed by the AI models.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 03:14 AM