security-scan
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard command-line tools including `dotnet list package --vulnerable` and `npm audit` to identify known vulnerabilities in project dependencies.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its requirement to ingest and analyze untrusted content from the codebase.
  - Ingestion points: Scans project source files, .env files, configuration files (e.g., appsettings.json), and git history.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the scanned files are defined.
  - Capability inventory: Performs file system reads and executes subprocesses for security auditing.
  - Sanitization: No evidence of sanitization or escaping of the ingested data before it is processed by the agent.
Audit Metadata