local-test
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bash script at a hardcoded absolute path, /Users/stefancho/works/claude-plugins/local-test-plugin/scripts/local-install.sh. This relies on author-specific environment configurations and executes external code on the local system.
- [PROMPT_INJECTION]: User input from AskUserQuestion (the link/unlink choice and the plugin name) is directly interpolated into a bash command string. This creates a surface for command injection if the underlying script does not properly sanitize these arguments.
- [PROMPT_INJECTION]: Indirect injection surface analysis:
  1. Ingestion points: User input from AskUserQuestion in Step 2 and Step 3.
  2. Boundary markers: None provided to isolate input from the execution context.
  3. Capability inventory: Uses the Bash tool to run shell scripts.
  4. Sanitization: No sanitization or validation steps are defined for the variables used in the script execution.
Audit Metadata