maven-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- External Downloads (LOW): The skill facilitates downloading JAR and POM files from repo1.maven.org. While this is the industry standard repository for Java artifacts, downloading external binaries is a flagged operation. Severity is reduced as it is the primary purpose of the skill.
- Indirect Prompt Injection (LOW): The skill ingests and parses POM files from external sources, which could contain malicious instructions designed to manipulate the agent.
  - Ingestion points: XML parsing described in examples/analyze-dependencies.md.
  - Boundary markers: None specified. No delimiters or warnings are used when processing the XML content.
  - Capability inventory: HTTP GET requests and XML parsing.
  - Sanitization: No validation or sanitization of the external XML content is mentioned.
- Data Exfiltration (LOW): The skill performs network requests to search.maven.org and repo1.maven.org. These domains are not on the internal whitelist but are reputable public repositories.
Audit Metadata