zeroize-audit
Warn
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to orchestrate its 8-phase analysis pipeline. It executes numerous internal scripts (e.g., emit_ir.sh, emit_asm.sh, validate_rust_toolchain.sh) and external toolchains like clang, cargo, and rustc to perform its analysis.
- [REMOTE_CODE_EXECUTION]: In Phases 4 and 5, the skill utilizes agents 5-poc-generator and 5b-poc-validator to create and subsequently execute Proof-of-Concept programs on the host. This runtime execution of generated code is a significant capability that could be exploited if the generation logic is influenced by malicious input code.
- [EXTERNAL_DOWNLOADS]: The skill documentation references the use of uv and uvx for running Python-based analysis scripts (semantic_audit.py, find_dangerous_apis.py, etc.). These tools may fetch and manage external dependencies from public registries during the analysis process.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted source code from external repositories. This data is then used to influence the generation of PoCs and the final analysis report. The skill lacks explicit boundary markers or sanitization steps for the ingested data before it influences high-privilege operations like code execution.
Audit Metadata