skill-publish
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes git commands for fetching, committing, and pushing updates to manage the plugin lifecycle.
- [COMMAND_EXECUTION]: Invokes the claude CLI to verify and update plugin status within the marketplace.
- [DATA_EXFILTRATION]: Pushes source code to GitHub as the primary distribution method for plugins, which is the intended behavior of the skill.
- [EXTERNAL_DOWNLOADS]: Mentions the use of npx to run a validation utility, which retrieves code from the npm registry.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface. 1. Ingestion points: Reads .claude-plugin/plugin.json, CHANGELOG.md, and git logs. 2. Boundary markers: No delimiters or ignore instructions present. 3. Capability inventory: Includes git push, git commit, and claude CLI commands. 4. Sanitization: No evidence of content validation before processing.
Audit Metadata