lint-and-validate
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill uses the Bash tool to run Python scripts (scripts/lint_runner.py and scripts/type_coverage.py) on a project path provided as a variable. This introduces a command injection risk if the path is not sanitized. Furthermore, the content of these scripts is not provided, making them unverifiable and dangerous.
- REMOTE_CODE_EXECUTION (HIGH): The procedures include commands like 'npx eslint' and 'npx tsc'. The npx utility can automatically download and execute packages from the remote npm registry, which poses a significant risk if an attacker can influence the environment or if typosquatted packages are referenced.
- PROMPT_INJECTION (HIGH): The skill is highly susceptible to Indirect Prompt Injection. Evidence Chain: (1) Ingestion: The skill processes untrusted code files within a user-specified project path. (2) Boundaries: There are no delimiters or instructions to ignore embedded commands in the processed data. (3) Capabilities: The skill can execute Bash commands and Python code. (4) Sanitization: No sanitization is performed on the files being linted. Malicious project files could exploit the linters or the runner scripts.
- EXTERNAL_DOWNLOADS (MEDIUM): The use of 'npm audit' and 'npx' necessitates connections to external registries (npmjs.com) to fetch metadata or packages.
Recommendations
- AI detected serious security threats
Audit Metadata