impact-analysis-helper

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to analyze enterprise workflow patterns and requests high-privilege tools (Bash, Write, Edit). This configuration is highly susceptible to indirect prompt injection, where data processed by the agent contains hidden instructions that the agent may obey with system-level privileges.
      • Ingestion points: Enterprise workflow data, patterns, and best practices analyzed via the Read tool (implied by description and allowed-tools).
      • Boundary markers: None identified in the SKILL.md file; no delimiters or 'ignore embedded instructions' warnings are present.
      • Capability inventory: Bash, Write, Edit, Read (declared in SKILL.md).
      • Sanitization: No sanitization, validation, or filtering logic is defined for the external content to be processed.
  • [Command Execution] (HIGH): The skill explicitly requests the Bash tool. In an enterprise context involving code generation and validation, this provides a direct path for executing arbitrary shell commands if the agent is manipulated by adversarial input.
  • [No Code] (INFO): No executable scripts or implementation logic (e.g., .py, .js, .sh) were provided for analysis. This assessment is based on the declarations and metadata found in SKILL.md.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:36 PM