analyzing-dependencies
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions and scripts refer to the installation of several well-known security auditing tools from public registries if they are not already available in the environment. These tools include `pip-audit`, `safety`, `bundler-audit`, and `cargo-audit`.
- [COMMAND_EXECUTION]: The skill executes external CLI tools via shell scripts and the Python `subprocess` module to perform audits and list dependencies. For instance, `scripts/license_compliance_checker.py` uses `subprocess.run` to call `npm ls` and `pip-licenses`.
- [PROMPT_INJECTION]: The skill's architecture is susceptible to indirect prompt injection due to its handling of external, untrusted project data.
  - Ingestion points: Project manifest files (e.g., `package.json`, `requirements.txt`, `composer.json`, `Cargo.toml`) and the outputs of various auditing tools serve as ingestion points for external data into the agent context.
  - Boundary markers: The skill does not employ explicit delimiters or instructions to the agent to treat data from manifest files as purely informational or to ignore embedded instructions within that data.
  - Capability inventory: The skill is configured with access to tools including `Bash`, `Read`, and `Write`, and it provides scripts capable of executing shell commands.
  - Sanitization: While the included Python scripts parse structured JSON data, the skill does not explicitly sanitize package names or version strings extracted from manifest files before incorporating them into generated remediation commands.
Audit Metadata