claude-config-optimizer

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Section 13 instructs the agent to execute a remote script using uvx from an unverified third-party GitHub repository (github.com/laiso/site2skill). This command allows for the direct execution of code from a source that is not a trusted organization or the skill author.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands including gh api, claude --version, and base64 to interact with the system environment and remote APIs to retrieve configuration data.
  • [EXTERNAL_DOWNLOADS]: Fetches the official CHANGELOG.md from the anthropics/claude-code repository and provides instructions for converting external documentation websites into skills using site2skill.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting the contents of an external CHANGELOG.md file. The retrieved content is processed by the agent to generate summaries without the use of boundary markers or sanitization.
      • Ingestion points: SKILL.md (via gh api repository content fetch)
      • Boundary markers: Absent
      • Capability inventory: Shell command execution (Bash), File system operations (Read, Write)
      • Sanitization: Absent
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 9, 2026, 08:02 AM