misconfig
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes external command-line tools (checkov, tfsec, kics, trivy, and semgrep) to perform specialized security scans on configuration and infrastructure-as-code files. This is a primary function of the skill and uses standard security tooling.
- [INDIRECT_PROMPT_INJECTION]: The skill reads untrusted data from the user's codebase during the manual analysis phase.
  1. Ingestion points: Step 4 reads content from configuration files (*.env, *.yaml, *.json) and source files (*.py, *.js, etc.) using Grep and Read tools.
  2. Boundary markers: No explicit markers are defined to isolate untrusted file content from the agent's instructions.
  3. Capability inventory: The skill executes subprocesses for multiple scanners and has the ability to read and write files within the project context.
  4. Sanitization: The skill does not describe specific sanitization logic for the content read from user files before it is processed by the agent.
Audit Metadata