Geek-skills-security-audit
Warn
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill's primary functionality involves scanning the target project's filesystem for highly sensitive data, including AWS access keys, GitHub tokens, private keys, and database connection strings with embedded passwords. While the findings are saved to local reports, the systematic identification of these credentials represents a significant data exposure risk.
- [COMMAND_EXECUTION]: The `scripts/full_scan.py` and `scripts/dependency_check.py` scripts utilize `subprocess.run()` to execute various system commands and security utilities such as `npm audit`, `pip-audit`, `safety`, and `bandit`.
- [EXTERNAL_DOWNLOADS]: The documentation directs the user to install and run external software. While several tools are well-known industry standards, the skill also promotes the installation of an unverified utility (`fix-react2shell-next`) to address specific vulnerabilities.
- [REMOTE_CODE_EXECUTION]: The recommendation to use `npx fix-react2shell-next` involves downloading and executing code from a remote registry. This represents a potential remote code execution vector if the package source is not verified or if the package is malicious.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted file content without sanitization or boundary markers.
  - Ingestion points: The auditing scripts recursively read and process the content of every file in the target project directory through `scripts/full_scan.py` and `scripts/secrets_scan.py`.
  - Boundary markers: No boundary markers or 'ignore' instructions are used when processing the untrusted file content.
  - Capability inventory: The skill possesses shell execution capabilities via `subprocess.run()` and filesystem write permissions for report generation.
  - Sanitization: The skill does not perform sanitization of the scanned content, which is directly processed by regex engines and included in output reports.