Skills
skills/brettatoms/agent-skills/code-search/Gen Agent Trust Hub

code-search

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [PRIVILEGE_ESCALATION]: The documentation instructs the agent to use sudo for installing the ripgrep tool on Linux-based systems (e.g., sudo pacman -S ripgrep, sudo apt install ripgrep). Recommending elevated privileges for setup increases the attack surface if used in an automated environment.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill explicitly provides search patterns and file-filtering strategies to identify sensitive data within the filesystem. Examples include searching for keywords like 'password', 'secret', and 'key' specifically within environment configuration files (-g "*.env*"). This facilitates the discovery of credentials.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: The skill ingests untrusted data from the local filesystem by reading and displaying the contents of files matched by the search patterns.
  • Boundary markers: None. The output is provided directly to the agent context without delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill allows for the execution of arbitrary commands via the Bash and Task tools, which can be leveraged if a malicious file content is processed.
  • Sanitization: None. File contents are processed and returned as raw text.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 28, 2026, 11:36 AM