Skills
skills/egorfedorov/claude-context-optimizer/cco-export/Gen Agent Trust Hub

cco-export

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a shell command that directly interpolates the $ARGUMENTS variable: node ${CLAUDE_PLUGIN_ROOT}/src/export.js $ARGUMENTS. This lacks shell quoting (e.g., "$ARGUMENTS") or input validation, allowing an attacker or malicious data to execute arbitrary shell commands by including metacharacters like ;, &, |, or backticks in the input.\n- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by passing untrusted input directly into a shell environment.\n
  • Ingestion points: The $ARGUMENTS variable in SKILL.md.\n
  • Boundary markers: None. The input is used directly without delimiters or instructions to ignore embedded commands.\n
  • Capability inventory: The skill uses the Bash tool to execute shell commands via node.\n
  • Sanitization: None. The variable is neither escaped nor quoted.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 24, 2026, 04:34 PM