endor-sca
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the endorctl package from the NPM registry using npx as a fallback execution method. This is an official vendor tool and is used for its intended purpose.\n- [COMMAND_EXECUTION]: The skill executes the endorctl command-line interface to perform dependency analysis. It uses npx -y to ensure the tool is available and up-to-date without permanent installation.\n- [REMOTE_CODE_EXECUTION]: Use of npx -y constitutes a remote code execution pattern as it fetches and executes code from the npm registry at runtime. This is documented as a fallback for vendor tool access.\n- [DATA_EXFILTRATION]: The skill identifies and reads project manifest files across various ecosystems (JavaScript, Python, Go, Java, etc.) to build a dependency tree. This metadata is necessary for vulnerability matching against the Endor Labs database.\n- [PROMPT_INJECTION]: The skill ingests and displays information from external project files and vulnerability databases. This creates a surface for indirect prompt injection, though the risk is minimal given the structured reporting format.\n
- Ingestion points: Project manifest files (e.g., package.json, requirements.txt, pom.xml) and vulnerability finding metadata.\n
- Boundary markers: None explicitly defined for output presentation.\n
- Capability inventory: Command execution via npx and file system access.\n
- Sanitization: None explicitly implemented in the prompt instructions.
Audit Metadata