skills/jeremylongshore/claude-code-plugins-plus-skills/customerio-reference-architecture/Gen Agent Trust Hub
customerio-reference-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill architecture includes a webhook handler that represents an indirect prompt injection surface.
- Ingestion points: SKILL.md defines a CustomerIOWebhooks class that processes req.body.events.
- Boundary markers: No explicit boundaries or instructions to ignore embedded content are provided in the templates.
- Capability inventory: The skill uses Bash(gh:) and Bash(curl:) tools.
- Sanitization: The provided code emits event data directly without validation or sanitization.
- [COMMAND_EXECUTION]: The skill defines high-privilege tool access.
- Permission for Bash(gh:) and Bash(curl:) is requested, which grants significant control over the environment and external repositories. This is consistent with the skill's purpose but increases the impact of other vulnerabilities.
Audit Metadata