Skills
skills/athola/claude-night-market/makefile-dogfooder/Gen Agent Trust Hub

makefile-dogfooder

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs active testing of Makefiles by executing targets using subprocess.run(['make', ...]) as described in the Testing Module. While it recommends dry-runs (make -n), the full test mode executes targets directly.
  • [COMMAND_EXECUTION]: The Generation Module creates and applies new shell-executable targets to the local filesystem. These templates include direct Python execution via python -c and other shell commands which are then triggered by the agent or user.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the processing of untrusted Makefiles.
  • Ingestion points: The Discovery and Analysis phases in SKILL.md and modules/analysis.md read the contents of all files matching Makefile patterns.
  • Boundary markers: None are defined to isolate data from instructions during parsing.
  • Capability inventory: The skill has the ability to write to files (--apply flag) and execute shell commands through the system's make and python interpreters.
  • Sanitization: The analysis logic uses basic regex and awk for parsing, which is insufficient to prevent execution of malicious code embedded in Makefile variables (e.g., using the $(shell ...) construct).
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 27, 2026, 06:51 PM