frontend-mobile-security-xss-scan
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for running security-related shell commands such as 'npm install', 'eslint', and 'semgrep'. These are standard development tools and do not represent a security risk when used for their intended purpose.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing 'eslint-plugin-security' via npm. This is a well-known and trusted package within the JavaScript ecosystem for identifying security vulnerabilities.
- [PROMPT_INJECTION]: The skill's primary function is to ingest and analyze external source code files, which introduces a potential surface for indirect prompt injection. Malicious instructions could be embedded within the scanned files.
  - Ingestion points: The 'scanDirectory' method in 'SKILL.md' utilizes 'fs.readFile' to read source code from the local filesystem.
  - Boundary markers: The scanning logic does not implement specific delimiters or instructions to treat the ingested content strictly as data, potentially allowing embedded instructions to be interpreted by the agent.
  - Capability inventory: The skill includes logic for filesystem access and automated reporting, which could be misused if an injection occurs.
  - Sanitization: The input code is processed using static pattern matching and is not sanitized before being analyzed by the agent.