skills/paulrberg/dot-agents/bump-deps/Gen Agent Trust Hub

bump-deps

Fail

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The shell script scripts/run-taze.sh contains a command injection vulnerability where the include_flag variable is expanded without quotes in the execution path (taze major $recursive $include_flag --include-locked). Shellcheck is explicitly disabled for this line to allow word splitting, which enables arbitrary command execution if a package name contains metacharacters such as ;, &, or |.
  • [REMOTE_CODE_EXECUTION]: The SKILL.md file instructs the agent to construct shell commands by directly interpolating package names (e.g., taze major --write --include <pkg1>,<pkg2>,<pkg3>). This creates a vulnerability where an attacker-controlled package.json file containing malicious package names could trigger arbitrary code execution when the agent attempts to apply updates.
  • [COMMAND_EXECUTION]: The skill performs shell command execution to run its internal script, the taze dependency tool, and the ni package manager wrapper.
  • [EXTERNAL_DOWNLOADS]: The skill recommends and utilizes external CLI tools taze and ni which are fetched from the npm registry.
  • [DATA_EXFILTRATION]: The identified command injection vulnerabilities could be leveraged to exfiltrate project files, environment variables, or other sensitive data from the execution environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 10, 2026, 09:34 AM
Security Audit — agent-trust-hub — bump-deps