scan
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [DYNAMIC_EXECUTION]: The skill instructions specify creating a Python script at 'scanning/{name}_scan.py' based on user-provided criteria. Generating and running executable code from natural language input is a significant security risk as it can be exploited to execute malicious logic.
- [COMMAND_EXECUTION]: The skill is granted access to the Bash tool and uses it to execute the dynamically generated Python script, allowing for arbitrary command execution on the host environment.
- [INDIRECT_PROMPT_INJECTION]: The 'criteria' input serves as a vector for indirect instructions. The skill lacks boundary markers or sanitization logic to prevent a user from providing criteria that results in the generation of unintended or harmful Python code. Evidence: The criteria argument is processed into pre_filter and filter_fn components within a generated Python file.
Audit Metadata