Security Scanning
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill specifies the use of shell commands such as grep, pip-audit, and npm audit. Executing these tools on untrusted repositories carries inherent risks if the agent is not restricted to a sandbox.
- PROMPT_INJECTION (HIGH): Category 8 (Indirect Prompt Injection). The skill's operational model involves reading and interpreting external, potentially malicious data.
  - Ingestion points: untrusted source code, .env files, and manifests such as requirements.txt and package.json.
  - Boundary markers: absent; there are no instructions to distinguish content to be analyzed from instructions to be followed.
  - Capability inventory: shell execution for grep and package managers.
  - Sanitization: absent; the skill does not suggest any escaping or filtering of the data it reads before processing it.
Recommendations
- AI detected serious security threats
Audit Metadata