vulnerability-scanner

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to indirect prompt injection (Category 8).
      • Ingestion points: External file content accessed via Read, Glob, and Grep tools.
      • Boundary markers: Absent; there are no instructions or delimiters provided to prevent the agent from following instructions embedded within the files it scans.
      • Capability inventory: The skill utilizes Bash and executes a local Python script.
      • Sanitization: Absent; content from target files is ingested directly into the prompt context.
  • Command Execution (LOW): The skill requests access to Bash and instructs the agent to execute a local Python script (scripts/security_scan.py). While these capabilities are consistent with the skill's primary purpose as a vulnerability scanner, they represent a potential risk if the agent processes malicious instructions from a scanned project.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 04:59 PM