generate-plot

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The CLI fallback command paperbanana plot --data <file> --intent "<intent>" is executed in a shell with $ARGUMENTS[1] inserted unsanitized. While $ARGUMENTS[0] (the file path) is checked for shell metacharacters, the intent string is not, so a crafted intent poses a command injection risk whenever the agent falls back to the CLI.
  • [PROMPT_INJECTION]: The skill processes untrusted external data, creating an indirect prompt injection surface where malicious data could influence agent behavior.
  • Ingestion points: File content read via the Read tool in the Procedure (Step 1).
  • Boundary markers: No delimiters or instructions are used to isolate the data content.
  • Capability inventory: Includes Bash command execution and MCP tool usage.
  • Sanitization: Sanitization is applied to the file path but not to the content of the data file.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 03:19 AM