security-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Dynamic command assembly in shell scripts. The scripts/detect-secrets.sh script utilizes the eval command to execute find and grep operations on the $TARGET_DIR variable provided at runtime. This pattern creates a command injection surface if directory paths or filenames within the target project contain malicious shell metacharacters.
  • [EXTERNAL_DOWNLOADS]: Dependency auditing connects to remote registries. The scripts/full-audit.sh script executes npm audit and pip-audit to check for known vulnerabilities in project dependencies. These operations target well-known, trusted package registries (NPM and PyPI) and are documented neutrally as standard functionality for security auditing tools.
  • [PROMPT_INJECTION]: Susceptibility to indirect prompt injection through processed codebases.
    1. Ingestion points: scripts/owasp-check.py and scripts/detect-secrets.sh ingest the contents of all files in the target directory for analysis.
    2. Boundary markers: Absent. No explicit delimiters or warnings are used to instruct the agent to ignore potential instructions embedded in the 'evidence' or 'content' fields of the generated reports.
    3. Capability inventory: The skill is authorized to use Bash, Write, Read, Edit, Grep, and Glob tools, representing a high-impact capability set if an injection is successful.
    4. Sanitization: Scanned content is sanitized via standard JSON serialization using jq and the Python json library before being included in audit reports.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:49 PM