security-scanning-security-dependencies

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements a DependencyScanner class that uses subprocess.run to execute security auditing tools (npm audit, safety check, and cargo audit). It also provides shell scripts for automated package updates. These commands are integral to the skill's primary purpose and use appropriate parameters such as timeouts and capture_output.
  • [EXTERNAL_DOWNLOADS]: The implementation playbook instructs users to install well-known security utilities such as snyk, safety, and pip-audit through standard package managers. These are trusted tools within the security community and are used for their intended purposes.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external manifest files that may contain malicious instructions embedded in package names or version strings.
    • Ingestion points: Manifest files such as package.json and requirements.txt are located via Path.glob and processed by the agent.
    • Boundary markers: No explicit instructions or delimiters are defined to prevent the agent from following instructions found within the manifest data.
    • Capability inventory: The agent has access to command execution via subprocess and shell scripts to perform audits and modifications.
    • Sanitization: The logic does not sanitize or escape package metadata retrieved from packages before including it in executive reports.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 02:03 PM