fastify-plugin-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE] (INFO): The skill consists entirely of metadata and instructional text; no executable scripts or code files were found in the provided content.
- [COMMAND_EXECUTION] (HIGH): The skill metadata explicitly grants access to high-privilege tools including
Bash,Write, andEdit. This configuration allows the agent to execute shell commands and modify the local filesystem when the skill is active. - [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its defined interaction model.
- Ingestion points: Untrusted data enters the agent context via user requests and project files related to 'fastify plugin creator' tasks.
- Boundary markers: The instructions lack any delimiters or system-level constraints to prevent the agent from following malicious instructions embedded in the processed data.
- Capability inventory: The skill provides access to
Bash,Write,Edit,Read, andGrep(inSKILL.md). - Sanitization: There is no evidence of input validation, escaping, or filtering to protect sensitive tool calls from being manipulated by adversarial input.
Recommendations
- AI detected serious security threats
Audit Metadata