security-scan
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection through external data processing. The skill is designed to parse Snyk vulnerability reports which are provided by users and considered untrusted input. A maliciously crafted report could contain package names or version strings that include shell injection or instructions to install malicious packages.
- Ingestion points: Snyk vulnerability reports (SKILL.md).
- Boundary markers: Absent; there are no instructions to the agent to treat report content as potentially hostile or to use delimiters to isolate untrusted data.
- Capability inventory: Subprocess execution via
bun i,bun run build, andbun run test(SKILL.md, vuln-direct-deps.md). - Sanitization: Absent; the skill does not include steps to validate or sanitize package names or versions extracted from the reports before using them in shell commands.
- [COMMAND_EXECUTION] (SAFE): The use of
bunandnpmcommands is functionally necessary and restricted to the skill's primary purpose of dependency remediation. While these commands interact with external registries and local files, they are standard developer tools for the intended use case.
Audit Metadata