outdated-deps

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes standard security scanning utilities including npm audit, pip-audit, trivy, osv-scanner, and cargo-audit to detect vulnerable components within the project scope.
  • [EXTERNAL_DOWNLOADS]: Integrated scanners may download and update vulnerability databases from trusted repositories (such as the OSV database or RustSec) as part of their standard operation to ensure up-to-date detection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and analyzes external, potentially attacker-controlled manifest files (e.g., package.json, requirements.txt) to identify dependencies.
    • Ingestion points: Project manifest and lockfiles (package.json, requirements.txt, Cargo.toml, etc.) as defined in Step 1 of the workflow.
    • Boundary markers: The workflow does not explicitly define delimiters to isolate the content of these files from the agent's instructions.
    • Capability inventory: The agent has the capability to execute shell commands (specifically the listed security scanners) and read filesystem content.
    • Sanitization: There is no mention of sanitizing or escaping the text found within manifest files before it is processed for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 06:44 PM