performing-security-code-review
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The file assets/example_code_vulnerable.py contains a demonstration of command injection using subprocess.run with shell=True. This code is provided as an educational example of a security weakness and is not part of the skill's operational logic.
- [REMOTE_CODE_EXECUTION]: The file assets/example_code_vulnerable.py demonstrates insecure deserialization using the pickle.loads() function. This is intended to show how attackers can execute arbitrary code via malicious serialized data for training purposes.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified.
  1. Ingestion point: The skill is instructed to read all project source files and manifests (SKILL.md).
  2. Boundary markers: No explicit delimiters or ignore-instructions are defined in the review instructions.
  3. Capabilities: The agent has access to Bash, Write, and Edit tools during the review process.
  4. Sanitization: No sanitization or filtering of ingested file content is mentioned before the agent processes the data.