vulnerability-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external files within a user-provided project path, which exposes the agent to untrusted data that could contain malicious instructions (Indirect Prompt Injection).
- Ingestion points: The agent reads content from files at the provided <project_path> using tools like Read, Glob, and Grep as part of its 'Scanning Methodology'.
- Boundary markers: The skill definition does not provide clear delimiters or 'ignore' instructions to help the agent distinguish between data to be scanned and potential adversarial instructions embedded within the scanned content.
- Capability inventory: The skill authorizes the use of powerful tools including Bash, Read, Glob, and Grep, which could be exploited if the agent inadvertently follows instructions found in scanned files.
- Sanitization: There are no explicit instructions for the agent to sanitize, escape, or validate the content read from the external project directory before processing it.
Audit Metadata