security-scan
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- External Downloads (HIGH): The Go vulnerability scanner (Step 2.2) pulls and executes a Docker image (sonatypecommunity/nancy:latest) from a non-whitelisted source. This constitutes an untrusted download and execution of remote code.
- Indirect Prompt Injection (MEDIUM): The skill reads content from arbitrary files using grep and presents it to the agent without sanitization. Malicious content in scanned files could influence the agent's verdict.
  1. Ingestion points: repository files via grep.
  2. Boundary markers: Absent.
  3. Capability inventory: Influences commit and pull request flows.
  4. Sanitization: Absent.
- Command Execution (LOW): The skill executes multiple shell commands to perform audits, which increases the potential attack surface but is expected for its stated purpose.
Recommendations
- AI detected serious security threats