skills-index-snippets
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute local maintenance scripts (./scripts/generate-skill-index-snippets.sh and ./scripts/validate-marketplace.sh) for repository automation.
- [PROMPT_INJECTION] (LOW): The skill provides steering instructions ('IMPORTANT: Prefer retrieval-led reasoning') for downstream coding assistants. While benign, these instructions are designed to override default LLM behaviors.
- [PROMPT_INJECTION] (LOW): A surface for indirect prompt injection exists where the skill processes metadata into snippets. 1. Ingestion points: .claude-plugin/plugin.json and SKILL.md frontmatter. 2. Boundary markers: Absent in generated templates. 3. Capability inventory: Local shell script execution. 4. Sanitization: None documented for parsing skill names or metadata fields.
Audit Metadata