claude-agent-sdk

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [REMOTE_CODE_EXECUTION]: In templates/custom-mcp-server.ts, the 'calculate' tool implementation uses the JavaScript eval() function to evaluate expressions supplied in args.expression. Unless the input is strictly sanitized, this allows execution of arbitrary JavaScript code within the agent's process.
  • [COMMAND_EXECUTION]: The skill explicitly documents and provides templates (e.g., templates/permission-control.ts and references/permissions-guide.md) for the bypassPermissions mode. This setting disables all safety checks, allowing an agent to execute Bash commands and modify the filesystem without human oversight or confirmation.
  • [PROMPT_INJECTION]: The skill is highly exposed to indirect prompt injection in templates/multi-agent-workflow.ts. The runDevOpsAgent function accepts a task string from an untrusted external source and uses it directly as the primary prompt for a multi-agent system equipped with powerful tools such as Bash, Write, and Edit, without implementing robust boundary markers or input sanitization.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 03:49 AM