skills/jeremylongshore/claude-code-plugins-plus-skills/confusion-matrix-generator/Gen Agent Trust Hub
confusion-matrix-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill configuration explicitly allows
Bash(python:*)andBash(pip:*), enabling the execution of arbitrary Python code and package installation, which poses a risk of system compromise when processing untrusted data. - [PROMPT_INJECTION] (HIGH): Vulnerability surface for Indirect Prompt Injection. The skill processes untrusted ML data (labels, training metrics) and has high-privilege capabilities (file modification, code execution). Evidence Chain: 1. Ingestion points: Machine learning training data and model outputs. 2. Boundary markers: Absent. 3. Capability inventory:
Bash(python:*),Bash(pip:*),Write,Edit. 4. Sanitization: Absent. - [EXTERNAL_DOWNLOADS] (MEDIUM): The
Bash(pip:*)permission allows for the download and installation of unverifiable third-party packages at runtime, which is an external dependency risk.
Recommendations
- AI detected serious security threats
Audit Metadata