yao-websecurity-skill

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/security_audit_report.py script executes shell commands to perform its duties. It uses subprocess.run to call git clone for fetching targets and subprocess.Popen to launch a headless browser (such as Chrome or Chromium) for rendering high-fidelity PDF reports. These commands are executed using argument lists rather than shell strings, which effectively mitigates command injection risks from user-supplied inputs.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to fetch remote source code from GitHub and other git-based providers for the purpose of security auditing. This behavior is transparently documented and occurs only when initiated by the user for a specific target repository.
  • [DATA_EXFILTRATION]: No unauthorized data transfer mechanisms were found. The skill actively prevents accidental data exposure by implementing a comprehensive redaction system in scripts/security_audit_report.py. This system uses regular expressions to detect and mask sensitive patterns, including AWS keys, Bearer tokens, and private keys, ensuring they are not included in the final security reports.
  • [PROMPT_INJECTION]: The skill operates by analyzing untrusted third-party code, which presents a surface for indirect prompt injection via malicious comments or documentation in the audited files. However, the skill mitigates this risk through strict procedural instructions that require the agent to follow a structured methodology and maintain isolated environment boundaries.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:46 AM
Security Audit — agent-trust-hub — yao-websecurity-skill