endor-sast
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
endorctlcommand-line tool vianpxto perform security scans on the local repository. This is a standard operation for the tool's intended use case of static analysis. - [EXTERNAL_DOWNLOADS]: The skill downloads the
endorctlpackage from the npm registry usingnpx. As this is the official tool from the vendor (Endor Labs), this download is considered a standard and safe dependency. - [PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (source code) and external scan findings. Ingestion points: Scan findings (Finding resource) and source files analyzed in Step 3. Boundary markers: The prompt instructions lack specific delimiters or instructions to the agent to ignore embedded commands in the processed code. Capability inventory: The skill allows file system reads and command execution via the CLI. Sanitization: No sanitization or escaping of the ingested code snippets is performed before they are presented to the agent.
Audit Metadata