review-deps
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes native security audit commands across multiple ecosystems, including `npm audit`, `pip-audit`, `cargo audit`, `go list`, `composer audit`, and `dotnet list package`. These commands are used as intended for security analysis tasks.
- [EXTERNAL_DOWNLOADS]: Utilizes the GitHub CLI to fetch repository-specific Dependabot alerts from GitHub's official API. This provides a cloud-based view of security risks alongside local analysis using a trusted platform source.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading and processing project manifest files (such as `package.json` or `Cargo.toml`). This untrusted external data is subsequently passed to analysis agents.
  - Ingestion points: SKILL.md (Phase 1 and 2) reads various project manifest files and security tool outputs.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the content of ingested manifests.
  - Capability inventory: The skill uses a broad set of shell commands for auditing different software stacks.
  - Sanitization: There is no explicit sanitization performed on the data retrieved from manifests or tool outputs before it is analyzed by agents.
Audit Metadata