ast-grep
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes the ast-grep binary to perform code analysis and refactoring as intended.
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its capability tier.
  1. Ingestion points: The tool reads untrusted source code from the local file system (specified in SKILL.md).
  2. Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore natural language instructions embedded within the code.
  3. Capability inventory: The skill has the capability to modify files on the file system using the --update-all flag.
  4. Sanitization: No sanitization or validation of the code content is performed before it is processed.
- [INFO] (SAFE): An automated scanner flagged 'logger.info' as a malicious URL. This is a false positive; the string appears in a code refactoring example in SKILL.md.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata