supply-chain-attack-response
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of several standard security auditing tools, including pip-audit, cargo-audit, cosign, and osv-scanner. Notably, osv-scanner and slsa-verifier are fetched from official repositories managed by Google and the SLSA Framework respectively.
- [COMMAND_EXECUTION]: The skill contains various shell commands for auditing software packages, pinning dependency versions, and verifying artifact signatures. These commands are consistent with the skill's primary purpose of providing a security response playbook.
- [DATA_EXFILTRATION]: Includes instructions for sending incident alerts to Slack via webhooks and using the GitHub CLI for forensics. These network operations are standard components of legitimate security incident response workflows and do not involve unauthorized data movement.
- [PROMPT_INJECTION]: The skill processes untrusted external data such as dependency lockfiles and security advisories.
  - Ingestion points: Reads package-lock.json, requirements.txt, and Cargo.lock (SKILL.md).
  - Boundary markers: Not present; the skill treats lockfile data as structured input for auditing tools.
  - Capability inventory: Performs file system writes (writing to .npmrc), network operations (Slack webhooks, API calls), and package installations across multiple scripts.
  - Sanitization: Uses standard parsing tools like jq and Python's json module to process untrusted data, reducing the risk of accidental execution.
Audit Metadata