security-scanner
Audited by Socket on Mar 6, 2026
1 alert found:
Obfuscated File

Functionally, the skill is a legitimate scanner design: it scans repository files, uses Trivy when it is available, and otherwise falls back to an internal pattern-based scanner. The primary security concerns are design and operational rather than evidence of malicious code. Automatic access to the Confidential and Personal knowledge tiers, and prioritized access to proprietary rule files, without any described consent or redaction policy creates a real risk of accidental disclosure of sensitive information. Executing an unpinned external binary (`trivy`) resolved from PATH increases supply-chain risk: if the runtime environment is compromised, a substituted binary would run with whatever access the skill has to the repository contents. No direct indicators of malware, network exfiltration, or hardcoded credentials are present in the provided text.

Recommended actions: require explicit scoping and consent before confidential knowledge is accessed; redact or mask secrets in scanner output by default; document retention and transmission controls for scan results; and verify the integrity of the Trivy binary (pinned location and checksum) or run it sandboxed before use.
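As an added example that is not part of the Socket audit and not code from the audited skill, the following Python shows how the two technical recommendations above can be implemented: resolving `trivy` only from an allowlisted directory and checking its SHA-256 against a pinned digest before execution, and masking secrets in scanner output by default. The allowlisted directories, the pinned digest, the secret patterns and the sample findings are all assumptions constructed for this illustration.

```python
"""Added example, not code from the audited skill or from Socket.

Two of the audit's recommended controls:
  1. resolve the external scanner only from an allowlisted directory and verify
     its SHA-256 against a pinned digest before executing it;
  2. redact secrets from scanner output by default.

Directories, digests, secret patterns and sample findings are assumptions
constructed for this illustration.
"""
import hashlib
import hmac
import os
import re
import stat
import tempfile
from pathlib import Path
from typing import Iterable, Optional

# Assumed allowlist: only these directories may supply the trivy binary. PATH is
# deliberately not consulted, so a writable directory prepended to PATH cannot
# shadow the vetted binary.
TRUSTED_BIN_DIRS = ["/usr/local/bin", "/opt/trivy/bin"]


def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def resolve_pinned_binary(name: str, allowed_dirs: Iterable[str],
                          expected_sha256: str) -> Optional[Path]:
    """Return the first allowlisted copy of `name` whose digest matches the pin.

    Returns None when no acceptable copy exists; the caller should then fall back
    to the internal scanner and report that Trivy was skipped, rather than
    silently running an unverified binary. Verify immediately before exec to
    keep the check-then-use window small.
    """
    for d in allowed_dirs:
        candidate = Path(d) / name
        if not candidate.is_file():
            continue
        # A world-writable binary could be replaced after we verify it.
        if candidate.stat().st_mode & stat.S_IWOTH:
            return None
        # Constant-time compare avoids leaking digest bytes through timing.
        if not hmac.compare_digest(sha256_of(candidate), expected_sha256):
            return None
        return candidate
    return None


# Assumed patterns for illustration; a deployment would use a maintained ruleset.
KV_SECRET = re.compile(
    r"(?i)((?:password|secret|token|api_key)\s*[=:]\s*['\"]?)([^'\"\s]+)")
AWS_ACCESS_KEY = re.compile(r"AKIA[0-9A-Z]{16}")
GITHUB_TOKEN = re.compile(r"ghp_[A-Za-z0-9]{36}")


def redact_secrets(text: str) -> str:
    """Mask secret values in scanner output while keeping file, line and key names."""
    out = KV_SECRET.sub(lambda m: m.group(1) + "[REDACTED]", text)
    out = AWS_ACCESS_KEY.sub("[REDACTED:aws-access-key]", out)
    out = GITHUB_TOKEN.sub("[REDACTED:github-token]", out)
    return out


# Constructed sample scanner output (not real findings or real credentials).
SAMPLE_FINDINGS = """\
config/settings.py:12: AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
.env:3: DB_PASSWORD=hunter2
ci.yml:40: GITHUB_TOKEN: ghp_0123456789abcdef0123456789abcdef0123
"""


def _fixture_binary(content: bytes, mode: int = 0o755) -> Path:
    """Write a stand-in 'trivy' into a fresh temp dir (demo fixture only)."""
    path = Path(tempfile.mkdtemp()) / "trivy"
    path.write_bytes(content)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    fake = _fixture_binary(b"#!/bin/sh\necho stand-in trivy\n")
    pin = sha256_of(fake)  # in practice: the vetted release's published digest
    print("verified:", resolve_pinned_binary("trivy", [fake.parent], pin))
    print("tampered pin:", resolve_pinned_binary("trivy", [fake.parent], "0" * 64))
    print(redact_secrets(SAMPLE_FINDINGS))
```

The important design choice is that a failed integrity check returns None rather than raising, so the skill can take its documented fallback to the internal scanner, but the caller must surface that Trivy was skipped; otherwise a tampered binary degrades coverage silently. Redaction runs over the whole output stream, not only over findings the skill itself classifies as secrets, because Trivy's own output may echo matched file contents.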