Skills
skills/camoa/claude-skills/guide-loader/Gen Agent Trust Hub

guide-loader

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill extracts a file path from project_state.md to locate local guides. A malicious actor with the ability to modify this configuration file could point the agent to sensitive locations (e.g., SSH keys or system configurations), causing the agent to read and display their contents to the user.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing content from external guide files and remote URLs without sanitization or boundary markers. This content is then used to generate implementation recommendations and architecture suggestions.
  • Ingestion points: Local guide files via {guides_path}/{guide_file} and remote content from camoa.github.io.
  • Boundary markers: None identified. The skill lacks instructions to ignore embedded commands within the loaded guides.
  • Capability inventory: File reading capabilities and WebFetch for remote retrieval.
  • Sanitization: None identified. Content is presented and integrated into tasks without validation.
  • [EXTERNAL_DOWNLOADS]: The skill fetches guide indexes and documentation from https://camoa.github.io/dev-guides/. This domain is an official resource associated with the skill's author, camoa.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 12:29 AM