The Agent Skills Directory

EXTERNAL_DOWNLOADS (LOW): The skill uses npx to fetch and execute remote packages including snyk, eslint, and @semgrep/semgrep. While these are industry-standard security tools, the use of npx involves downloading and executing code from the npm registry. This is downgraded to LOW severity as it is the primary intended function of the skill.\n- COMMAND_EXECUTION (LOW): The skill instructs the agent to run various shell commands (git diff, find, grep, gitleaks) to audit the filesystem for vulnerabilities. These operations are essential for a security scanner and are considered acceptable within this context.\n- INDIRECT_PROMPT_INJECTION (LOW): The skill has a surface for indirect prompt injection as it ingests untrusted code and scanner results to generate a report.\n
Ingestion points: SKILL.md (via git diff, find, grep, and JSON scanner outputs).\n
Boundary markers: Absent; the skill does not use specific delimiters to isolate untrusted data from its reporting logic.\n
Capability inventory: Shell execution (git, grep, npx, find), filesystem access, and network access (via npm/npx).\n
Sanitization: Absent; findings are directly interpolated into the generated security report without validation.

detecting-security-vulnerabilities