code-semantic-search

Warn

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a JavaScript file found in the project's .claude directory.
    • Evidence: The runCli function in scripts/main.cjs uses child_process.spawn to execute a script located at .claude/tools/cli/hybrid-search.cjs. The project root is determined by searching upwards for a .claude/CLAUDE.md file.
    • Risk: If an agent is used to search a malicious repository containing a script at that path, the script will be executed with the same privileges as the agent.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the query parameter.
    • Ingestion points: User-provided query string in scripts/main.cjs.
    • Boundary markers: None present in the command assembly logic.
    • Capability inventory: Subprocess execution via child_process.spawn in scripts/main.cjs.
    • Sanitization: The query is passed as a command-line argument without explicit validation or escaping, relying on the CLI tool to handle potentially malicious input safely.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 11:58 AM