skills/jeremylongshore/claude-code-plugins-plus-skills/building-recommendation-systems/Gen Agent Trust Hub
building-recommendation-systems
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified where the skill processes untrusted user interaction data and item features to guide the generation and execution of machine learning scripts.
- Ingestion points: User preferences, item features, and interaction data as described in the SKILL.md and assets/README.md.
- Boundary markers: Absent; there are no instructions or delimiters provided to isolate untrusted data from the prompt context.
- Capability inventory: File system modification and shell command execution are used to create and run generated Python code.
- Sanitization: Absent; the skill does not describe any validation or filtering of the input data before it influences code generation.
- [COMMAND_EXECUTION]: The skill uses broad shell execution capabilities to run data preprocessing and model training scripts. This creates a significant attack surface if the agent's code generation is successfully manipulated via the identified prompt injection vectors.
Audit Metadata