yao-websecurity-skill
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/security_audit_report.pyscript executes shell commands to perform its duties. It usessubprocess.runto callgit clonefor fetching targets andsubprocess.Popento launch a headless browser (such as Chrome or Chromium) for rendering high-fidelity PDF reports. These commands are executed using argument lists rather than shell strings, which effectively mitigates command injection risks from user-supplied inputs. - [EXTERNAL_DOWNLOADS]: The skill is designed to fetch remote source code from GitHub and other git-based providers for the purpose of security auditing. This behavior is transparently documented and occurs only when initiated by the user for a specific target repository.
- [DATA_EXFILTRATION]: No unauthorized data transfer mechanisms were found. The skill actively prevents accidental data exposure by implementing a comprehensive redaction system in
scripts/security_audit_report.py. This system uses regular expressions to detect and mask sensitive patterns, including AWS keys, Bearer tokens, and private keys, ensuring they are not included in the final security reports. - [PROMPT_INJECTION]: The skill operates by analyzing untrusted third-party code, which presents a surface for indirect prompt injection via malicious comments or documentation in the audited files. However, the skill mitigates this risk through strict procedural instructions that require the agent to follow a structured methodology and maintain isolated environment boundaries.
Audit Metadata