project-analyze
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to ingest and analyze untrusted external project files via git clone, providing a significant attack surface where malicious instructions in project files (e.g., README.md) can influence the agent.
  - Ingestion point: scripts/analyze.sh and scripts/analyze.ps1 via git clone.
  - Boundary markers: Absent.
  - Capability inventory: git clone, cargo run, rm -rf.
  - Sanitization: Absent.
- Command Execution (HIGH): The shell and PowerShell scripts interpolate user-provided project names into command strings and file paths. This allows for potential command injection and arbitrary file deletion through path traversal in the cleanup and clone logic.
- External Downloads (HIGH): The skill facilitates cloning from any GitHub repository, permitting the download of malicious content designed to exploit the analyzer tool or host environment.
Recommendations
- AI detected serious security threats