code-security-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted external codebases. An attacker could embed instructions in comments or metadata within the scanned files to deceive the agent or influence the audit report.
  - Ingestion points: Target project source code, package.json, and environment files.
  - Boundary markers: The skill provides a structured workflow but does not include explicit instructions for the agent to ignore natural language instructions found within the data being analyzed.
  - Capability inventory: The skill uses shell commands (grep, find, cat) and package manager utilities (npm audit).
  - Sanitization: No explicit sanitization or input validation for shell commands is provided in the instructions.
- Command Execution (SAFE): The skill uses standard utilities like grep and find to search for malicious patterns, which is appropriate for its stated purpose as a code scanner.
Audit Metadata