suggest-agent-rules

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): Accesses sensitive agent history directories. Evidence: tools/list-sessions.sh and tools/analyze-session.sh access ~/.claude/projects and ~/.codex/sessions. Risk: Exposure of sensitive interaction history, including potential secrets or proprietary logic from previous sessions.
  • [PROMPT_INJECTION] (LOW): Indirect prompt injection surface via ingested data.
      1. Ingestion points: Session history .jsonl files read in analyze-session.sh.
      2. Boundary markers: Absent; session content is directly extracted.
      3. Capability inventory: High; the agent is instructed to create/modify repository rules based on this content.
      4. Sanitization: Absent; uses raw jq extraction.
  • [COMMAND_EXECUTION] (LOW): Execution of local shell scripts to perform file system operations. Evidence: tools/list-sessions.sh, tools/analyze-session.sh, and tools/extract-patterns.sh. Risk: The scripts use find, grep, and jq on user-controlled paths, though impact is limited to local discovery within specified directories.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:03 PM