security-sentinel
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute recursive grep commands on the local filesystem to search for sensitive patterns in source code such as input parameters, database queries, and credentials.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it analyzes untrusted source code files without isolation.
  1. Ingestion points: Source files (.js and .rb) are searched and read.
  2. Boundary markers: The instructions lack markers or ignore-rules for audited content.
  3. Capability inventory: The agent can execute shell searches and generate audit reports.
  4. Sanitization: No sanitization is performed on the code content before it is processed by the agent.
Audit Metadata