sca-security
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install various security tools from well-known services and official registries. This includes fetching Snyk from npm, pip-audit from PyPI, and tools like OSV-Scanner directly from Google's GitHub repository via Go's package manager.
- [COMMAND_EXECUTION]: Provides a comprehensive set of commands for auditing software dependencies across multiple ecosystems (Node.js, Python, Java, Rust, Go, etc.). These commands involve executing local binaries and package managers to scan the filesystem and project manifest files.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection (Category 8). The skill's primary function is to ingest and analyze untrusted data from external project files.
- Ingestion points: Reads manifest files such as package.json, requirements.txt, and pom.xml, as well as scan results in JSON or SARIF formats.
- Boundary markers: The instructions do not define explicit delimiters or warnings to ignore instructions embedded within the processed data.
- Capability inventory: Includes subprocess calls for scanning tools, network access for tool updates, and filesystem read/write operations for generating reports.
- Sanitization: There is no mention of sanitizing or escaping the content of external project files before processing or displaying results to the user.
Audit Metadata