security-scan
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/analyze-security.sh` performs unsafe string concatenation when generating its JSON scan plan. It interpolates unsanitized command-line arguments (e.g., `--target`, `--container`, `--iac`) directly into the `critical_actions` array. If these generated command strings are subsequently executed by an agent or a user, it could lead to arbitrary shell command injection or parameter injection attacks.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes external identifiers and contexts without sanitization.
  - Ingestion points: The CLI arguments `--target`, `--container`, `--iac`, and `--context` in `scripts/analyze-security.sh` allow external data to enter the agent's context.
  - Boundary markers: None. User-controlled variables are inserted directly into the JSON heredoc without delimiters or "ignore instructions" warnings.
  - Capability inventory: The skill uses `command -v` to check for the presence of multiple system tools (npm, snyk, trivy, zap, etc.) and generates actionable shell commands intended for security scanning.
  - Sanitization: No input validation, escaping, or schema enforcement is applied to the arguments before they are included in the generated output.
Audit Metadata