adk-engineer

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests broad permissions for the Bash tool (cmd:*) to perform engineering operations. This allows the agent to execute arbitrary shell commands for running linters, test runners, and deployment scripts (e.g., gcloud, pytest, ruff).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local repository using Read, Glob, and Grep (Ingestion Points in Implementation Guide). There are no specific boundary markers or sanitization steps defined to prevent instructions within those files from overriding the agent's core logic. This is critical given the agent's capabilities to modify files (Write, Edit) and execute shell commands (Bash).
  • [COMMAND_EXECUTION]: The provided code examples in examples.md utilize subprocess.run to call external tools. While these examples are designed for local development, they highlight the inherent risk of command injection if file paths are not properly sanitized, a risk the documentation explicitly acknowledges as a security consideration for users.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 08:45 AM