ripgrep
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the ripgrep binary using child_process.spawn with shell: false. This is a security best practice that prevents shell-based command injection attacks by ensuring arguments are passed directly to the binary. While ripgrep itself supports powerful features such as the --pre flag for executing arbitrary preprocessors, these are standard functionalities of the tool intended for developer productivity.
- [PROMPT_INJECTION]: As a tool designed to search and retrieve file contents, the skill provides a surface for indirect prompt injection. Malicious instructions embedded in files could potentially influence an AI agent when search results are processed.
- Ingestion points: scripts/search.mjs and scripts/quick-search.mjs ingest data through ripgrep output.
- Boundary markers: The implementation pipes raw output without explicit delimiters or safety warnings for the agent.
- Capability inventory: The skill allows for recursive searching and command execution via the ripgrep binary.
- Sanitization: Command injection is mitigated through non-shell subprocess execution.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the @vscode/ripgrep npm package to provide platform-specific binaries. This package is maintained by Microsoft and is an established, trusted source for ripgrep binaries in the Node.js ecosystem.
Audit Metadata