skills/jeremylongshore/claude-code-plugins-plus-skills/configuration-reference-generator/Gen Agent Trust Hub
configuration-reference-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill's primary function is to process and generate technical documentation and configurations, which constitutes a major ingestion point for untrusted data.
- Ingestion points: Technical documentation, API specifications, and configuration files matching the trigger patterns.
- Boundary markers: Absent. The skill does not define delimiters to separate user data from system instructions.
- Capability inventory: High-privilege tools are enabled, including
Bash,Write,Edit, andRead(defined inallowed-tools). - Sanitization: Absent. There is no mention of filtering or validating input before it influences tool usage.
- [Command Execution] (MEDIUM): The skill requests access to the
Bashtool. In the context of an agent designed to 'generate production-ready configurations' and 'validate outputs,' this provides an execution path for shell commands derived from potentially malicious inputs (Category 8 linkage).
Recommendations
- AI detected serious security threats
Audit Metadata