claude-code-templates
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [Privilege Escalation] (MEDIUM): The SKILL.md file provides instructions for the user to execute chmod +x on a template-generated hook script. Granting execution permissions is a monitored privilege escalation pattern.
- [Indirect Prompt Injection] (LOW): The assets/hook-script.sh template ingests untrusted tool data via stdin, establishing an attack surface for indirect prompt injection. (1) Ingestion points: Stdin via cat in assets/hook-script.sh. (2) Boundary markers: Not present in the template. (3) Capability inventory: The script includes logic for writing usage logs to the local filesystem. (4) Sanitization: Structural validation is performed using jq.
Audit Metadata