security-scanner
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection vulnerabilities.
  - Ingestion points: The skill reads all source files, configuration files, and dependency manifests from a target directory (`./audit-target`) which may be populated from a user-provided GitHub repository.
  - Boundary markers: The instructions lack delimiters or explicit directives for the agent to disregard instructions found within the analyzed codebase.
  - Capability inventory: The skill uses `gh` for cloning, `grep` and `glob` for file discovery, and has file-read and file-write access within the workspace to generate reports.
  - Sanitization: No sanitization is performed on the content read from the target project before the agent processes it.
- [EXTERNAL_DOWNLOADS]: The skill performs downloads from external sources.
  - Evidence: `gh repo clone <url> ./audit-target` in `SKILL.md`.
  - Context: This operation is the intended primary purpose of the skill, allowing it to audit remote repositories as requested by a user.
- [COMMAND_EXECUTION]: The skill utilizes several system commands for its operation.
  - Evidence: The skill invokes `gh`, `grep`, and `mkdir` via the shell.
  - Context: These commands are used for project reconnaissance, pattern matching during the security audit, and directory management for the final reports.
Audit Metadata