acceptance-criteria-creator

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to ingest untrusted user requirements and generate code/configurations while having access to high-privilege tools like Bash, Write, and Edit.
    • Ingestion points: User requests containing "acceptance criteria creator" or enterprise workflow patterns (SKILL.md).
    • Boundary markers: None present to distinguish between instructions and data.
    • Capability inventory: Access to Bash, Read, Write, and Edit tools (SKILL.md frontmatter).
    • Sanitization: No sanitization or validation logic is defined to prevent instructions embedded in requirements from being executed by the tools.
  • [Command Execution] (HIGH): The skill explicitly requests Bash access. Given the purpose of generating "production-ready code and configurations," an attacker could use indirect prompt injection to trick the agent into executing arbitrary shell commands under the guise of setting up a workflow.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:00 AM