skills/htlin222/dotfiles/sc-build/Gen Agent Trust Hub

sc-build

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill uses Bash to execute build processes based on the target project's configuration. This allows for arbitrary code execution within the host environment, as build systems (npm, make, cmake, etc.) can be configured to run malicious scripts during the 'build' or 'compile' phase.
  • [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). It ingests untrusted external data (project structure, build files, and configuration) and possesses the capability to execute commands and modify the file system based on that data.
      • Ingestion points: Project configuration files and directory structures analyzed in the 'Execution' phase.
      • Boundary markers: Absent. The skill does not define delimiters to separate system instructions from untrusted data in the build files.
      • Capability inventory: Use of Bash for command execution and file reading for configuration analysis.
      • Sanitization: Absent. There is no mention of validating or sanitizing the commands extracted from project files before they are passed to the Bash executor.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 07:28 AM