security-scan
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing project source code to generate reports that are then used as context for the `fuse-ai-pilot:sniper` subagent to perform fixes. An attacker could embed instructions in code comments or strings within the scanned project to manipulate the subagent.
  - Ingestion points: Project source files identified by markers like `package.json`, `requirements.txt`, and `go.mod` in `SKILL.md`.
  - Boundary markers: The report template in `references/templates/scan-report.md` lacks delimiters or specific instructions to ignore embedded commands in matched patterns.
  - Capability inventory: The skill triggers shell script execution (`scripts/security-scan.sh`) and delegates tasks to the `fuse-ai-pilot:sniper` subagent.
  - Sanitization: No sanitization or escaping of the matched code snippets is observed in the provided templates.
- [COMMAND_EXECUTION]: The workflow in `SKILL.md` includes the execution of an automated scanning script `scripts/security-scan.sh` and references the use of standard audit command-line tools such as `npm audit`, `composer audit`, and `pip-audit`.