ln-621-security-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and analyzes external codebase files that could contain malicious instructions designed to manipulate the audit report.
  - Ingestion points: Codebase files accessed via Grep, Read, and Glob tools in the workflow.
  - Boundary markers: Absent; the skill does not define specific delimiters to isolate untrusted code content from instructions.
  - Capability inventory: The skill has the ability to execute Bash commands and write files to the local directory.
  - Sanitization: Absent; the skill does not appear to sanitize or escape the content of the files it audits.
- [DATA_EXFILTRATION]: While the skill scans for sensitive data such as API keys and AWS credentials, it is designed to record these findings in a local markdown report for the user. No unauthorized network requests or external data transmission patterns were identified.
- [REMOTE_CODE_EXECUTION]: The skill utilizes the Bash tool to run legitimate security auditing commands (e.g., npm audit, pip-audit, cargo audit). These are standard system commands used for the skill's primary purpose and do not constitute malicious remote code execution.
Audit Metadata