security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines several shell commands that execute script files (
security-scan.shandcve-remediate.sh) to automate security workflows. These scripts perform operations like scanning for CVEs and attempting automatic fixes vianpm audit fix. - [EXTERNAL_DOWNLOADS]: The skill relies on
npxto fetch and execute the@claude-flow/clitool from the npm registry at runtime. While the tool source is not explicitly listed in the trusted vendor list, its use is consistent with the skill's stated purpose and contains no signs of obfuscation or malicious intent. - [PROMPT_INJECTION]: As the skill is designed to process and analyze a codebase, it presents an attack surface for indirect prompt injection from files within the target directory.
- Ingestion points: Source code files and configuration files processed during the security scan in
security-scan.sh. - Boundary markers: No explicit boundary markers or warnings to the agent are present in the scripts to mitigate processing malicious content embedded in the scanned files.
- Capability inventory: The skill executes shell commands via
npxandnpm, and has read access to the local file system. - Sanitization: There is no indication of content sanitization or isolation before processing codebase data.
Audit Metadata