Skills
skills/glincker/claude-code-marketplace/security-scanner/Gen Agent Trust Hub

security-scanner

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute standard project auditing commands such as npm audit, pip-audit, and cargo audit to identify vulnerable dependencies.- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it reads and processes untrusted source code from the user's project environment.
  • Ingestion points: Project files are identified using the Glob tool and ingested into the agent context using the Read tool.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to help it distinguish between its own operational instructions and potentially malicious instructions embedded within the scanned source code.
  • Capability inventory: The skill allows the agent to use Bash, Read, Grep, and Glob tools across the project file system.
  • Sanitization: No sanitization or validation logic is defined for the content extracted from project files before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 11:48 PM
Security Audit — agent-trust-hub — security-scanner