vulnerability-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to analyze external source code and project structures.
- Ingestion points: The skill uses
Read,Glob, andGreptools to ingest content from a user-provided<project_path>as specified inSKILL.md. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the scanned file content strictly as data or to ignore embedded instructions (e.g., malicious comments in the code being scanned).
- Capability inventory: The skill allows the use of the
Bashtool and references a Python script (scripts/security_scan.py), providing a mechanism for command execution based on findings. - Sanitization: There is no evidence of sanitization or escaping of the ingested data before it is processed by the LLM.
- Command Execution (SAFE/INFO): The skill references a local script
scripts/security_scan.pyto be executed viapython3. While the script content was not provided for analysis, the execution pattern is standard for local skill automation and targets the skill's own directory.
Audit Metadata