ark-vulnerability-fixer

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches vulnerability data from the CIRCL CVE database (cve.circl.lu) and clones source code from the official project repository (github.com/mckinsey/agents-at-scale-ark). These are legitimate sources for security remediation tasks.
  • [COMMAND_EXECUTION]: Employs standard development and package management tools (git, npm, go, pip, make) to perform repository operations and dependency updates. These commands are necessary for the skill's stated purpose.
  • [REMOTE_CODE_EXECUTION]: A piped command sequence (curl | python3 -m json.tool) is used to format API responses. Analysis confirms this is for JSON pretty-printing rather than arbitrary code execution.
  • [PROMPT_INJECTION]: The skill ingests data from an external CVE API. Ingestion points: curl API call in SKILL.md. Boundary markers: Absent. Capability inventory: git, npm, go, pip, make, and gh commands in SKILL.md. Sanitization: Absent. The risk of indirect prompt injection is mitigated by the mandatory human-in-the-loop protocol.
  • [SAFE]: The skill follows security best practices by requiring explicit user confirmation ('STOP AND WAIT') before making any modifications or submitting pull requests.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 12:59 AM