reinforce-skills
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to run the official Next.js codemod via 'npx @next/codemod@canary' when a Next.js project is detected. This command downloads and executes code from the npm registry. The package is maintained by Vercel, which is a recognized and trusted vendor.
- [COMMAND_EXECUTION]: To map capabilities, the skill inventories user-installed skills and plugins by performing directory listings on '
/.claude/skills/' and '/.claude/plugins/'. This activity is transparent and restricted to the agent's own ecosystem to facilitate the primary mapping function. - [PROMPT_INJECTION]: The skill generates 'forceful and imperative' directives (e.g., 'STOP. You WILL forget skill names mid-session') and injects them into project metadata files. This is a documented metaprompting technique designed to sustain agent performance rather than a malicious behavioral bypass. Additionally, the skill creates an indirect prompt injection surface by aggregating data from project files like 'package.json' and 'CLAUDE.md' into these directives. It utilizes HTML comment markers as boundary delimiters to reduce accidental misinterpretation.
Audit Metadata