zeroize-audit

Warn

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses uv and uvx to execute analysis scripts, which may involve downloading and running external packages from public registries.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute internal shell scripts and system compiler components like clang and cargo to perform its analysis tasks.
  • [REMOTE_CODE_EXECUTION]: The skill's 5b-poc-validator agent compiles and runs Proof-of-Concept programs derived from the audited codebase, so code generated from untrusted input is executed dynamically.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from the repository it audits, because it lacks sanitization and boundary markers between the audited data and the agent's instructions.
  • [PROMPT_INJECTION]: Ingestion points: Audited source files within the repository specified by the path argument.
  • [PROMPT_INJECTION]: Boundary markers: None specified to separate audited code from instructions for the 11-phase agent pipeline.
  • [PROMPT_INJECTION]: Capability inventory: Bash, Write, Task, clang, and cargo compiler toolchains.
  • [PROMPT_INJECTION]: Sanitization: No input validation or sanitization is performed on the audited source code.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 28, 2026, 11:18 PM