reviewing-dependencies

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Categories flagged: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several well-known command-line utilities including gh, npm, dotnet, and grype to retrieve security alerts and dependency graphs. These tools are used within their intended functional scope to perform security audits.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources, which represents an indirect prompt injection surface.
      ◦ Ingestion points: External data enters the agent context via GitHub API responses from gh api and scan outputs from npm audit, dotnet list, and grype.
      ◦ Boundary markers: The skill does not implement specific delimiters or instructions to isolate the ingested external data from the agent's logic.
      ◦ Capability inventory: The skill is capable of executing subprocesses via gh, npm, dotnet, and grype to interact with the filesystem and network.
      ◦ Sanitization: There is no evidence of sanitization, filtering, or validation of the external content before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 19, 2026, 06:29 AM