data-processing

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE

COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data from configuration files.
      • Ingestion points: Processes files such as package.json, .env, docker-compose.yml, and Kubernetes manifests.
      • Boundary markers: Absent. The skill provides direct commands to read these files without delimiters or warnings to ignore embedded instructions.
      • Capability inventory: Utilizes shell execution via the Bash Read tool to run jq and yq commands, including in-place file modifications (yq -i).
      • Sanitization: None. The skill does not validate or escape the content of the data files before processing.
  • [Command Execution] (SAFE): Use of jq and yq is standard practice for structured data manipulation. The patterns provided are idiomatic and follow common utility usage.
  • [Data Exposure] (LOW): The skill description explicitly mentions triggering on .env files. While no exfiltration logic is detected, processing environment files can inadvertently expose sensitive credentials to the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:08 PM