agent-builder

Fail

Audited by Socket on Feb 18, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Instruction directing agent to run/execute external content

All findings:

[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

BENIGN: The fragment is a design/documentation artifact outlining how to build and deploy Claude Code agents using the Agent Builder skill. It is coherent with its stated purpose and does not itself perform any code execution, credential handling, or network activity. Risks arise only if implemented poorly or with unsafe defaults; as presented, it serves as guidance and templates for legitimate agent construction workflows.

LLM verification: The artifact is a benign documentation/template skill for authoring Claude Code agents, not executable malware. However, it prescribes high-risk operational patterns: hooks that execute repository scripts and copy/paste shell instructions without mandatory validation or sandboxing. These patterns enable arbitrary code execution, credential exposure, and data exfiltration when hook scripts are untrusted or malicious. Recommendations: require code review and provenance checks for any hook scripts,

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 18, 2026, 12:04 AM
Package URL: pkg:socket/skills-sh/auldsyababua%2Finstructor-workflow%2Fagent-builder%2F@aa303cff1d7a319fedbd336c2f51c7ea48070948