guidewire-data-handling

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM

EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · DATA_EXFILTRATION · PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill manifest allows unrestricted use of the curl command through Bash(curl:*), enabling the agent to download arbitrary content from any remote source.
  • [COMMAND_EXECUTION]: The skill manifest allows unrestricted use of the Gradle build tool through Bash(gradle:*). Gradle can be used to execute arbitrary Java or Groovy code during builds, which could be exploited to run malicious commands on the host system.
  • [DATA_EXFILTRATION]: The DataExporter class in SKILL.md provides functionality to export sensitive Guidewire data (Accounts, Policies, PII) to local CSV and JSON files. When combined with the unrestricted curl capability, this creates a high-risk surface where sensitive insurance data could be exfiltrated to an external server.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
      • Ingestion points: The DataMigration class in SKILL.md ingests data via the migrateAccounts method, and BatchProcessor processes Policy entities.
      • Boundary markers: There are no boundary markers or instructions to the agent to ignore embedded commands within the data being processed.
      • Capability inventory: The skill has access to Bash, Write, and Edit tools.
      • Sanitization: While basic data validation (e.g., zip code format) is present in DataValidator, there is no sanitization to detect or prevent natural language instructions embedded within the processed data from influencing the agent's behavior.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 01:33 AM