skills/jeremylongshore/claude-code-plugins-plus-skills/conditional-request-helper/Gen Agent Trust Hub
conditional-request-helper
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [Prompt Injection] (HIGH): The skill is highly susceptible to indirect prompt injection. It ingests untrusted data via the 'curl' and 'Read' tools but lacks boundary markers or sanitization. An attacker could provide malicious API responses that hijack the agent's flow.
  - Ingestion points: untrusted external data via 'Bash(curl:*)' and local files via 'Read'.
  - Boundary markers: None present in instructions.
  - Capability inventory: 'Write', 'Edit', 'Bash(curl:*)'.
  - Sanitization: None present.
- [Data Exfiltration] (HIGH): The 'Bash(curl:*)' tool permission allows the agent to send data to any external domain. When combined with the 'Read' permission, this creates a high risk of sensitive local files being exfiltrated to an attacker's server.
- [Command Execution] (MEDIUM): While restricted to the curl command, 'Bash(curl:*)' grants the ability to perform complex network operations and file uploads or downloads, which can be misused if the input parameters are influenced by an attacker.
Recommendations
- AI detected serious security threats