Skills
skills/c0ntr0lledcha0s/claude-code-plugin-automations/coordinating-projects/Gen Agent Trust Hub

coordinating-projects

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external GitHub sources.
  • Ingestion points: The skill fetches data from gh issue list, gh pr list, and gh repo list (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions are used to separate external data from the agent's core instructions.
  • Capability inventory: The skill has extensive capabilities, including Bash access, Write/Edit permissions, and the ability to execute local Python scripts (SKILL.md).
  • Sanitization: There is no evidence of sanitization or validation of the ingested strings before they are processed by the agent.
  • [COMMAND_EXECUTION]: The skill executes shell commands and local scripts to perform analysis and automation tasks.
  • Evidence: The skill uses Bash to invoke the gh CLI, find, and jq, and it runs several Python scripts (e.g., map-dependencies.py, portfolio-health.py) located in its {baseDir}/scripts/ directory (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 09:58 AM