gource-visualizer
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The orchestration scripts
scripts/render-video.shandscripts/render-headless.shuseevalandbash -cto execute shell commands constructed through string concatenation. This pattern is vulnerable to command injection if variables like$title,$logo, or$repo_pathcontain malicious shell metacharacters. - [COMMAND_EXECUTION]: The script
scripts/install-gource.shutilizessudo apt-getto install system-level dependencies. While common for installers, this grants the skill elevated privileges during the setup phase. - [EXTERNAL_DOWNLOADS]: The skill fetches contributor profile pictures from GitHub's official API (
api.github.com) and avatar services inscripts/resolve-avatars.sh. - [EXTERNAL_DOWNLOADS]: Installation procedures described in
references/installation-guide.mdandscripts/install-gource.shinvolve downloading packages from official system registries (APT, Homebrew). - [PROMPT_INJECTION]: The skill ingests untrusted data from repository history (git logs, tags, and contributor emails) and processes it to generate visualizations and fetch external avatars. This data is passed to subprocesses including Gource, FFmpeg, and ImageMagick (
convert), creating a surface for potential indirect injection attacks through malicious repository metadata. - Ingestion points:
scripts/resolve-avatars.sh(GitHub API),scripts/detect-repo.sh(git log),scripts/generate-captions.sh(git tags). - Boundary markers: Absent.
- Capability inventory: Subprocess execution of Gource, FFmpeg, ImageMagick across all render scripts; shell orchestration in
scripts/render-video.sh. - Sanitization:
json_escapeinscripts/detect-repo.shprovides minimal sanitization for JSON output; however, shell interpolation inscripts/render-video.shlacks robust escaping.
Audit Metadata