path-traversal-finder
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill specifies
Bash(npm:*)in its allowed tools. This grants the agent the ability to install any package from the npm registry without restriction. In an automated or agentic context, this could lead to the installation of malicious packages or unvetted dependencies. - Command Execution (MEDIUM): The use of
Bashas an allowed tool, even when scoped to a package manager likenpm, provides a powerful primitive that can be used to execute code or scripts on the host system. - Data Exposure (LOW): The skill is granted
Read,Write, andGreppermissions. While intended for security analysis ('path traversal finder'), these tools could be used to read sensitive configuration files or exfiltrate data if the agent is manipulated by an indirect prompt injection. - Indirect Prompt Injection (LOW): Because the skill's primary purpose is to analyze security patterns and input validation (e.g., path traversal), it will inherently ingest untrusted data from external sources. The lack of explicit sanitization instructions for the input data, combined with the
WriteandBashcapabilities, creates an attack surface for indirect prompt injection.
Audit Metadata