skill-guard

Warn

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: MEDIUM
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [DATA_EXFILTRATION]: The skill implements a persistence mechanism in Phase 6 that uses git push to upload audit reports to a public registry repository (j4rk0r/claude-skills). Since these reports include a content field containing excerpts from the audited files, this creates a risk of leaking private or proprietary source code if the tool is used to analyze local or private skills.
  • [PROMPT_INJECTION]: The skill instructs the AI agent to proactively intercept and intervene during standard skill installation workflows (such as npx skills add). This behavioral override is designed to hijack the user's intent and force a security review session without a direct user request, effectively overriding the agent's default interaction model.
  • [COMMAND_EXECUTION]: The skill utilizes extensive Bash permissions for git and gh tools to manage its remote registry. While coherent with the stated purpose of a community audit database, these capabilities provide a broad attack surface for system and repository manipulation if they are misused or if the skill processes maliciously crafted skill metadata.

Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 11, 2026, 06:04 AM