unused-code-cleaner
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill is vulnerable to shell injection. It extracts export names from source code and uses them directly in shell commands.
  - Evidence: In the 'Unused Export Detection Method' section, the skill executes `grep -r ... "<export_name>" .` where `<export_name>` is a string derived from the file content.
  - Risk: A malicious file containing an export like `export const test_name; rm -rf /;` could trigger the execution of the injected command when the skill attempts to search for the export's usage.
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data and possesses significant system capabilities.
  - Ingestion points: The skill reads file contents and `git diff` output to identify code patterns.
  - Boundary markers: Absent. The sub-agent prompt in section 3-A interpolates `[file path]` and 'File to analyze' without clear delimiters or 'ignore embedded instructions' warnings.
  - Capability inventory: The skill can execute shell commands (`git`, `grep`) and perform file-write operations through the orchestrator.
  - Sanitization: There is no evidence of sanitization or validation of the content extracted from files before it is used in commands or logic.
Recommendations
- AI detected serious security threats
Audit Metadata