plugin-builder

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The script scripts/init_plugin.py accepts user-provided strings for plugin metadata and writes them directly into the generated .claude-plugin/plugin.json and README.md files. This establishes a surface where malicious instructions could be embedded in metadata and later executed by other agents that process the generated plugin files.
      • Ingestion points: description, author_name, and author_email fields in scripts/init_plugin.py.
      • Boundary markers: No delimiters or safety warnings are used when writing the user-provided content into the output files.
      • Capability inventory: The script performs local file and directory creation (Path.mkdir, json.dump, open().write()).
      • Sanitization: No sanitization, escaping, or validation is performed on the content of the description or author strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:29 PM