skills/jeremylongshore/claude-code-plugins-plus-skills/ideogram-reference-architecture/Gen Agent Trust Hub
ideogram-reference-architecture
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety guidelines were found.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file access patterns detected. Configuration management uses standard environment variables rather than hardcoded secrets.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The provided shell scripts only create local directories and empty files. No external packages or remote scripts are downloaded or executed.
- Malicious URLs (SAFE): The reported automated alert for 'this.ca' is a false positive triggered by the TypeScript code snippet
this.cache. The scanner incorrectly interpreted a code property access as a malicious domain. - Dynamic Execution (SAFE): While the example code uses dynamic
requirefor configuration files, it is restricted to local JSON files based on the environment name and is provided as a user template rather than executable skill code.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata