skills/yijingjia/skills/lint-manager/Gen Agent Trust Hub

lint-manager

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The script run_lint.py is vulnerable to shell command injection. It uses subprocess.run(shell=True) to execute linter commands where filenames from the local project are joined directly into the command string. An attacker could trigger arbitrary code execution by creating files with names containing shell metacharacters (e.g., ; malicious_command ;.py).
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the official installation script for golangci-lint from GitHub via a curl | sh pipeline in scripts/install_linter.py.
  • [REMOTE_CODE_EXECUTION]: Installs various linting tools using remote scripts and package managers (npm, pip, brew) based on detected project languages.
  • [PROMPT_INJECTION]: The skill processes output from external linting tools and provides it to the AI agent. If a linter is configured to run on malicious files, the resulting error messages could contain instructions designed to influence the agent's behavior (Indirect Prompt Injection). Specifically, run_lint.py ingests untrusted tool output from linter subprocesses without sanitization and uses it to guide the agent's fixing workflow.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 4, 2026, 09:58 AM