indicator-scanner
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to create and run Python scripts using user-defined arguments via the Bash tool, which facilitates the execution of arbitrary logic and dynamic code.
- [PROMPT_INJECTION]: Input arguments are used to construct file system paths for directory and file creation without sanitization, creating a vulnerability to directory traversal attacks where an attacker could write files outside intended directories.
- [COMMAND_EXECUTION]: The instructions require the generated code to load a .env file from the project root. This practice is risky as these files typically contain sensitive credentials or API keys that become accessible to the dynamically created scripts.
Audit Metadata