sync-from-vibe-workflow
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill clones a repository from https://github.com/doodledood/claude-code-plugins. This repository and organization are not on the trusted sources list, posing a risk of downloading unverified code or instructions.
- COMMAND_EXECUTION (LOW): The skill executes several shell commands including git clone, git pull, git add, git commit, and git push. While consistent with the skill's purpose, these commands modify the local file system and interact with remote repositories.
- INDIRECT_PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection from the source repository content.
  - Ingestion points: Reads SKILL.md and agent files from the cloned /tmp/claude-code-plugins/ directory.
  - Boundary markers: None detected. The skill does not use delimiters or warnings when processing the untrusted external content.
  - Capability inventory: File system write access (cp, editing SKILL.md files), and Git operations (commit, push).
  - Sanitization: Absent. The skill performs basic transformations (e.g., mapping CLAUDE.md to AGENTS.md) but does not sanitize the logical content of the instructions being synced.
Audit Metadata