code-complexity
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill interpolates a path argument directly into shell commands, for example 'radon cc ${1:-.} -s -a --min B'. Because the argument is substituted into the command text without quoting or validation, a user-supplied path containing shell metacharacters (semicolons, pipes, backticks, '$(...)') can change the command that actually runs, which is a command-injection risk.
- [COMMAND_EXECUTION]: The skill employs dynamic context injection via the '!' syntax in its Context section, which runs find commands at load time. These specific discovery commands are benign, but shell commands that execute silently before the skill is used are a high-privilege pattern: whatever those lines contain runs with the agent's privileges without a visible prompt to the user.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
  1. Ingestion points: Untrusted project files are discovered via find, Glob, and Read (SKILL.md).
  2. Boundary markers: There are no delimiters or warnings telling the model to ignore instructions embedded in the analyzed code.
  3. Capability inventory: The skill can execute subprocesses via Bash (npx, radon, cargo).
  4. Sanitization: There is no validation or sanitization of the file content or of the path argument before processing.
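As an added illustration (not code from the audited skill or from Gen Agent Trust Hub), the following POSIX shell snippet contrasts the textual interpolation described in the first COMMAND_EXECUTION finding with the validated, quoted form that point 4 of the PROMPT_INJECTION finding asks for. `echo` stands in for `radon` so the block runs offline; the allowed character set, the existing-directory check and the `--` separator (which assumes radon's argparse-style CLI honours it) are this example's own assumptions, not requirements stated in the audit.

```shell
#!/bin/sh
# Added example, not code from the audited skill or the auditor.
# Contrasts textual interpolation of a path argument, as in
#   radon cc ${1:-.} -s -a --min B
# with a validated, quoted argv. `echo` stands in for `radon` so this runs
# offline; the validation rules below are this example's assumptions.

# Unsafe: the argument is pasted into command text and re-parsed by the shell,
# so a value such as '. ; echo INJECTED' runs a second command.
run_unsafe() {
    eval "echo radon cc ${1:-.} -s -a --min B"
}

# Accept only a conservative path: existing directory, no whitespace or shell
# metacharacters, not option-shaped, no parent traversal. Returns 0 if ok.
validate_path() {
    p="${1:-.}"
    case "$p" in
        *[!A-Za-z0-9._/-]*) return 1 ;;   # rejects ; | & $ ` ( ) spaces, etc.
        -*)                 return 1 ;;   # would be parsed as an option
        *..*)               return 1 ;;   # no traversal outside the project
    esac
    [ -d "$p" ] || return 1
}

# Safe: validate first, then pass the path as a single quoted argv element
# after `--` (assumed to be honoured by radon's argparse-style CLI) so it can
# never be read as an option or as command syntax.
run_safe() {
    p="${1:-.}"
    validate_path "$p" || { echo "rejected path argument: $p" >&2; return 1; }
    echo radon cc -- "$p" -s -a --min B
}

# Demonstration when run directly: the unsafe form executes the injected
# command, the safe form refuses the same input.
run_unsafe '. ; echo INJECTED'
run_safe '. ; echo INJECTED' || true
run_safe .
```

The same check belongs in front of the other interpolated invocations the audit lists (npx, cargo): validate once, then pass the value as one quoted argument rather than splicing it into command text.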
Audit Metadata