vulnerability-scanner
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  * Ingestion points: The script `scripts/security_scan.py` reads file content from a user-provided directory.
  * Boundary markers: No explicit delimiters are used to separate scanned content from agent instructions in the output.
  * Capability inventory: The skill is granted the `Bash` tool, and the `scripts/security_scan.py` script performs subprocess calls and has filesystem read access.
  * Sanitization: The script captures snippets from scanned files without sanitization, which are then included in the scan results.
- [COMMAND_EXECUTION]: The script `scripts/security_scan.py` executes system commands.
  * Evidence: It utilizes `subprocess.run` to call `npm audit` for dependency analysis when a Node.js project is detected.
Audit Metadata