skills/tony363/superclaude/sc-build/Gen Agent Trust Hub

sc-build

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill coordinates with the 'Bash' tool to execute build targets and processes. Because it is designed to run arbitrary shell commands defined in a project's build system, it carries an inherent risk of command execution. Per guidance, this is downgraded from HIGH to MEDIUM as it is the primary intended purpose of the skill.
  • [REMOTE_CODE_EXECUTION] (LOW): The skill's behavior flow includes 'dependency verification' and 'toolchain validation'. In typical development environments, these actions involve downloading and executing external packages or binaries, which presents a risk of RCE if the project uses malicious or unpinned dependencies.
  • [PROMPT_INJECTION] (LOW): Surface for Indirect Prompt Injection (Category 8) detected.
      1. Ingestion points: The skill uses the 'Read' tool to analyze project configurations and the 'Grep' tool to parse error logs.
      2. Boundary markers: No delimiters or explicit instructions to ignore embedded instructions are present.
      3. Capability inventory: The skill has access to 'Bash' for command execution and 'Write' for creating files.
      4. Sanitization: No sanitization or validation of ingested file content is specified before the agent processes it.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:22 PM