implementing-semgrep-for-custom-sast-rules

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a wrapper script (scripts/agent.py) that executes the Semgrep CLI to perform security scans. This execution is implemented securely using subprocess.run with a list of arguments and without shell invocation, preventing command injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation and reference files (SKILL.md, references/api-reference.md) point to official and trusted package registries and distribution channels for installing the Semgrep tool, such as pip, Homebrew, and Docker.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface. (1) Ingestion points: scripts/agent.py parses JSON output from Semgrep, which in turn reads user-provided source code. (2) Boundary markers: Findings and messages extracted from the scanned code are displayed without specific delimiters to distinguish them from the agent's instructions. (3) Capability inventory: The skill has the capability to run system commands and write to the local file system. (4) Sanitization: No sanitization is performed on the messages or metadata returned by Semgrep rules before they are reported.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 07:14 PM