Skills
skills/alexander-danilenko/cortex-ai-skills/security-reviewer/Gen Agent Trust Hub

security-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core workflow of reading and analyzing external codebases and tool outputs.
  • Ingestion points: The agent uses the Read, Grep, and Glob tools to ingest arbitrary file content during security audits (SKILL.md).
  • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded within the code being analyzed.
  • Capability inventory: The agent has access to the Bash tool, which is used to execute various security scanners and utilities (references/sast-tools.md).
  • Sanitization: No sanitization or filtering of external content is specified before the agent processes it as context.
  • [COMMAND_EXECUTION]: The skill's configuration allows the use of the Bash tool to perform technical tasks like running SAST tools (e.g., Semgrep, Bandit) and network utilities (e.g., nmap, dig). While these are necessary for the skill's primary purpose, the combination of shell access with the processing of untrusted data increases the risk of command injection if the agent is misled by malicious input.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 03:54 PM