sast-rce
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security issues were detected. The skill is designed to analyze code for security flaws and provides accurate technical guidance on RCE detection.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it is designed to ingest and process untrusted external data (project source code and architecture files). This is an inherent risk of its primary function as a SAST tool.
- Ingestion points: The skill reads
sast/architecture.mdand the source code of the target project during the reconnaissance and verification phases. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when the subagents process the untrusted codebase content.
- Capability inventory: The skill utilizes file reading and writing capabilities, as well as the ability to spawn subagents for parallel processing.
- Sanitization: No explicit sanitization or filtering of the analyzed source code is implemented before it is processed by the LLM subagents.
Audit Metadata