sca-grype
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill explicitly instructs the agent to install the 'Grype' tool by piping a remote shell script directly into the shell interpreter. This pattern is highly dangerous as it executes unverified code from the internet with the privileges of the agent.
  - Evidence: Found in SKILL.md: `curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin`.
  - Source Validation: The organization `anchore` is not included in the 'Trusted GitHub Organizations' list provided in the security framework, maintaining the severity at CRITICAL.
- [COMMAND_EXECUTION] (HIGH): The skill utilizes the `bash` environment to execute the `grype` binary with arguments derived from user-controlled inputs (target paths and image names). Without explicit sanitization instructions, this creates a risk of command injection.
  - Evidence: `grype dir:<target-path> -o json` and `grype <image-name>:<tag>`.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill facilitates the download of third-party software from `raw.githubusercontent.com`. While GitHub is a common host, the lack of version pinning or checksum verification for the installer script increases the risk of supply chain attacks.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://raw.githubusercontent.com/anchore/grype/main/install.sh - DO NOT USE
- AI detected serious security threats
Audit Metadata