cwe-93-crlf-injection
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or data exfiltration attempts were detected. The content is purely educational and focuses on standard security remediation best practices.
- [COMMAND_EXECUTION]: The skill includes a
greputility command to help users find vulnerable code patterns in their local Java source code. This command is non-malicious, intended for static analysis, and does not require elevated privileges. - [INDIRECT_PROMPT_INJECTION]: As a tool designed to analyze source code for vulnerabilities, the skill processes external data (Java files). It uses deterministic search patterns and remediation strategies that do not involve executing or unsafe interpolation of the analyzed content, minimizing the risk of prompt injection from the target code.
Audit Metadata