developer-growth-analysis

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads the local file ~/.claude/history.jsonl, which contains private user interaction logs and sensitive code snippets. It then transmits a summary of this data to Slack via the RUBE_MULTI_EXECUTE_TOOL tool. While intended for personal growth, the transmission of data derived from private local files to an external platform constitutes a data exposure risk.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its data ingestion surface. It processes untrusted data from chat history (the display and pastedContents fields) to construct search queries and final reports without sanitization or boundary markers.
      • Ingestion points: ~/.claude/history.jsonl (Step 1).
      • Boundary markers: Absent.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL (Slack) and RUBE_SEARCH_TOOLS (Web search).
      • Sanitization: Absent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 06:46 PM