senior-security
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (HIGH): Ingestion points: The skill reads external project files via scripts like security_auditor.py and threat_modeler.py. Boundary markers: Absent. Capability inventory: Automated file fixes and execution of multiple Python scripts across different languages. Sanitization: Absent. This combination allows malicious code in the target project to potentially control the agent during the analysis or fix phase.
- [Command Execution] (MEDIUM): The skill documentation lists extensive use of subprocesses to run local Python scripts and external binaries like docker and kubectl.
- [External Downloads] (LOW): Standard package managers npm and pip are used for dependency setup, although specific packages are not enumerated in the main skill file.
Recommendations
- AI detected serious security threats
Audit Metadata