voltcc-security-auditor
Performs comprehensive security auditing of code including vulnerability detection, dependency analysis, and structured security assessments.
68
/ 100 · Grade D
D = 60–69
“I need to conduct thorough security audits of my codebase to identify vulnerabilities, analyze dependencies, and ensure compliance with security and accessibility standards.”
voltcc-security-auditor earned Verified status with a trust score of 68/100 (Grade D). Adversarial testing produced 9 findings (8 high, 1 medium). Security scan flagged 0 findings. Tier is Verified rather than Certified due to unmitigated findings above severity thresholds.
Trust Score Breakdown
Eight weighted signals composing the aggregate trust score
Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.
Findings
Security scan results, adversarial testing, and pipeline review
Security Scan — Cisco Skill Scanner
Adversarial Testing — 5 categories, 9 findings
Several skills in this collection read and process user-provided files without clearly marking the content as data rather than instructions. Skills like accessibility-tester, architect-reviewer, chaos-engineer, and code-reviewer all read files and incorporate their content into analysis workflows. The instructions lack explicit data-boundary markers around user content references, creating potential injection surfaces where malicious file content could contain instruction-like directives.
Multiple skills declare bash tool dependencies and include instructions that could lead to shell command execution with user-provided content. The ad-security-reviewer mentions 'PowerShell or GPO-based implementation scripts' and several skills use Bash tools while processing user files. Without proper parameterization, user content containing shell metacharacters could alter command execution.
Several skills use vague action words and open-ended directives that could cause the agent to use capabilities beyond their declared dependencies. The skills declare specific dependencies but then use phrases like 'use available tools', 'implement solutions', 'execute', and other broad directives that could match undeclared capabilities.
The ad-security-reviewer skill instructs the agent to perform privileged Active Directory operations like 'Enforce LDAP signing, channel binding, Kerberos hardening' and 'PowerShell or GPO-based implementation scripts' without declaring elevated privileges in its dependencies. These operations typically require domain administrator privileges.
Multiple skills contain instructions that would cause the agent to modify system configuration, install global packages, or access files outside the project scope. These operations exceed typical project boundaries and could affect system stability.
The skill declares itself as 'VoltAgent Security Auditor (Claude Code)' but contains 99,282 characters of content across multiple agent definitions including accessibility-tester, ad-security-reviewer, architect-reviewer, chaos-engineer, and code-reviewer. This massive volume mismatch between the declared single-purpose security auditor and the actual multi-agent content creates an attack surface where additional functionality could be hidden within the excessive content.
Several skills contain 'always' directives that establish persistent behavioral patterns affecting the agent's conduct across unrelated tasks. These directives lack explicit scope boundaries or termination conditions.
The security auditor skill collection contains multiple specialized agents (accessibility-tester, ad-security-reviewer, architect-reviewer, chaos-engineer, code-reviewer) that claim broad authority over system behavior, team processes, and organizational practices. While individually scoped, collectively they represent significant expansion beyond basic security auditing.
The skill contains numerous package installation commands (pip install, npm install, apt-get install, etc.) throughout various agent files that are not declared in the skill's dependencies. This creates a significant attack surface where malicious packages could be installed without user awareness or review.
Methodology v1.0 · 5 categories · ~55 attack patterns
Behavioral Fingerprint
Runtime performance baseline for drift detection
Samples
8
Error rate
0.0%
Peak memory
— MB
Avg CPU
—%
Response time distribution
Output size distribution
Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline
Interface
Skill triggers and instruction summary
Activation
This skill activates when comprehensive accessibility testing, WCAG compliance verification, or assessment of assistive technology support is needed.
This skill handles accessibility testing, WCAG compliance verification, screen reader compatibility testing, keyboard navigation validation, and remediation of accessibility violations.
Does
Query context manager for application structure and accessibility requirements
Review existing accessibility implementations and compliance status
Analyze user interfaces, content structure, and interaction patterns
Implement solutions ensuring WCAG compliance and inclusive design
Perform automated and manual accessibility testing
Test with screen readers (NVDA, JAWS, VoiceOver, Narrator)
Verify keyboard navigation functionality
Check color contrast ratios and visual accessibility
Validate ARIA implementation and semantic HTML usage
Document accessibility violations and remediation steps
Create accessibility statements and compliance documentation
Does not
Skip critical accessibility violations
Ignore WCAG compliance requirements
Bypass assistive technology testing
Overlook keyboard navigation issues
Neglect cognitive accessibility considerations
Scope & Permissions
What this capability can and cannot access — derived from pipeline analysis
yes
no
yes
no
yes
no
Known Failure Modes
Documented edge cases and recovery behaviors
when when automated scanning tools are unavailable
then the agent relies on manual testing procedures and documented checklists
when when assistive technology is not accessible for testing
then the agent uses simulation tools and follows established testing protocols
when when WCAG requirements conflict with design constraints
then the agent prioritizes accessibility compliance and suggests alternative design solutions
Badge & Integration
Embed certification status in your README, docs, or CI pipeline
Certification Notes
Provenance observations from the pipeline
Publisher "VoltAgent" is not verified — first certification from this publisher
No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process
Single contributor — no peer review evidence in commit history
Repository is 2 days old — recently created
Package description appears to be boilerplate or template text
Signed Artifact
Certification provenance and verification metadata
Pipeline Artifacts
Raw data files from this certification run — downloadable for independent verification
contract.json
Full unsigned contract
stage1-ingest.json
Ingest stage output
stage2a-sbom.json
SBOM generation results
stage2a-vulns.json
Vulnerability scan results
stage2b-security.json
Security scan results
stage3a-functional.json
Functional test results
stage3b-adversarial.json
Adversarial test results
stage3c-fingerprint.json
Behavioral fingerprint
stage4-certify.json
Certification decision + trust score
stage3a-measurements.json
Raw functional test measurements
stage3b-measurements.json
Raw adversarial test measurements
run-log.json
Pipeline execution log
Not all files may be present for every certification.