component-docs-batcher

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8).
      1. Ingestion points: Component source files (.tsx, .jsx) and structural metadata.
      2. Boundary markers: Absent; there are no delimiters or instructions to ignore embedded content.
      3. Capability inventory: The agent can execute local scripts via npx ts-node and write/modify markdown files.
      4. Sanitization: Absent; the skill relies on 'understanding' logic from raw code.
    Maliciously crafted comments in source code could manipulate the agent's behavior during documentation or task-tracking.
  • COMMAND_EXECUTION (HIGH): The skill instructs the agent to run local TypeScript scripts (scan-components.ts, generate-todos.ts, analyze-component.ts) using npx ts-node. This allows for arbitrary code execution on the host system if the skill originates from an untrusted source or if its scripts are compromised.
  • DATA_EXPOSURE (LOW): The skill accesses the local file system and Git history (git log) to identify component status and metadata. While functional, this behavior exposes internal project structure and history to the agent context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:57 AM