
forge-party

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the forge-memory CLI tool and interpolates the user-provided {TOPIC} directly into shell commands.
  • Evidence: forge-memory search "<topic>" --limit 3 and forge-memory log "Party terminée : {TOPIC}, ..." in the Workflow section.
  • Risk: If the <topic> argument contains shell metacharacters (e.g., ;, &, |, `), it could lead to arbitrary command execution on the host machine.
  • [PROMPT_INJECTION]: The skill accepts a raw topic argument which is used both for agent instructions and as a parameter in shell commands, creating a surface for both direct and indirect prompt injection.
  • [DATA_EXPOSURE]: The skill reads and writes to local project files (.forge/memory/MEMORY.md) and system paths (~/.claude/skills/forge/references/agents/orchestrator.md). While these are within the expected 'FORGE' ecosystem, the combination with command injection increases the risk of unauthorized data access.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 8, 2026, 07:25 PM