sca-grype

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL | REMOTE_CODE_EXECUTION | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • [Remote Code Execution] (CRITICAL): The skill directs the agent to install software by piping a remote shell script directly to 'sh' (https://raw.githubusercontent.com/anchore/grype/main/install.sh). This pattern allows for arbitrary code execution from a source not listed as trusted.
  • [External Downloads] (HIGH): The prerequisite installation script is fetched from the 'anchore' GitHub organization, which is not included in the pre-defined 'Trusted GitHub Organizations' list.
  • [Indirect Prompt Injection] (HIGH): The skill scans untrusted filesystems or container images and processes the output. Ingestion points: 'grype-results.json' produced by scanning external targets. Boundary markers: None used to delimit tool output. Capability inventory: Uses 'bash' for command execution and file operations. Sanitization: No validation of scan results before the agent interprets them for 'actionable upgrade paths'.
Recommendations
  • CRITICAL: Downloads and executes remote code from untrusted source(s): https://raw.githubusercontent.com/anchore/grype/main/install.sh - DO NOT USE
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 01:35 PM