dependency-audit
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from project manifest files and lockfiles, which creates a potential surface for indirect prompt injection attacks where maliciously crafted metadata in those files could attempt to influence the agent's behavior.
  - Ingestion points: Dependency manifests (e.g., package.json, requirements.txt, pyproject.toml, Cargo.toml, go.mod) and lockfiles are parsed as primary input to the audit workflow.
  - Boundary markers: The instructions do not define explicit delimiters or warnings to ignore embedded instructions within the processed project files.
  - Capability inventory: The skill utilizes file system access to read project configurations and subprocess execution to run auditing tools such as npm, pip, cargo, snyk, and trivy.
  - Sanitization: The workflow relies on the specialized auditing tools to handle the data; no explicit sanitization or validation of the dependency file content is performed by the skill instructions themselves.
Audit Metadata