skills/jeremylongshore/claude-code-plugins-plus-skills/background-worker-creator/Gen Agent Trust Hub
background-worker-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill is granted 'Bash' and 'Write' tool permissions in the YAML metadata. This allows for arbitrary shell command execution and file system modification on the underlying host.
- [PROMPT_INJECTION] (HIGH): High-risk Indirect Prompt Injection surface detected. (1) Ingestion points: The skill triggers on external user requests regarding background workers and backend architecture (SKILL.md). (2) Boundary markers: Absent; no delimiters are defined to isolate untrusted user input from system instructions. (3) Capability inventory: Access to 'Bash', 'Write', 'Edit', and 'Grep' tools (SKILL.md). (4) Sanitization: Absent; the skill lacks any logic to validate or sanitize user-provided instructions before they are processed by high-privilege tools.
Recommendations
- AI detected serious security threats
Audit Metadata