semgrep-rule-variant-creator
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) due to the ingestion and processing of user-provided Semgrep rules.
- Ingestion points: The skill accepts existing Semgrep rules as YAML file paths or content in SKILL.md.
- Boundary markers: No delimiters or protective instructions are used to distinguish the rule content from the agent's operational logic.
- Capability inventory: The skill executes the
semgrepCLI (e.g., --validate, --test, --dump-ast) as documented in SKILL.md. - Sanitization: The skill does not describe any validation or cleaning of the input rule content prior to processing.
- [COMMAND_EXECUTION]: The skill performs local CLI operations that depend on the structure of user-provided files.
- Evidence: Workflow phases include running commands like
semgrep --validate --config rule.yamlandsemgrep --teston rule files created from user input.
Audit Metadata