security-scanning

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill instructions and .pre-commit-config.yaml reference repositories (e.g., gitleaks/gitleaks, Yelp/detect-secrets) and packages that are not on the verified Trusted Source list.
  • [REMOTE_CODE_EXECUTION] (HIGH): The use of pre-commit hooks to download and execute scripts from unverified GitHub repositories at runtime presents a significant remote code execution vector.
  • [COMMAND_EXECUTION] (HIGH): The skill relies on the Bash tool for its core operation, providing a high-privilege capability that could be abused to execute arbitrary commands if the agent is compromised.
  • [PROMPT_INJECTION] (HIGH): The skill exhibits a significant Indirect Prompt Injection surface (Category 8). Evidence:
      1. Ingestion points: Scanning untrusted codebases via Grep, Glob, and Bash scanners.
      2. Boundary markers: Absent; no delimiters separate untrusted file content from instructions.
      3. Capability inventory: High-risk subprocess calls (Bash) and file-read operations.
      4. Sanitization: Absent; tool outputs are interpolated into shell command substitutions without escaping, allowing malicious project findings or filenames to influence agent execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 11:13 PM