skills/jeremylongshore/claude-code-plugins-plus-skills/implementing-real-user-monitoring/Gen Agent Trust Hub
implementing-real-user-monitoring
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to interact with and process external web application frontend code.
- Ingestion points: Accesses frontend code within the
${CLAUDE_SKILL_DIR}/directory. - Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions found within the processed code.
- Capability inventory: The skill utilizes tools for reading, writing, and editing files, along with bash command execution.
- Sanitization: No sanitization or validation mechanisms are described for handling the content of the external code files.
- [COMMAND_EXECUTION]: The skill configuration allows for the execution of bash commands via
npm:*andrum:*patterns. This is a powerful capability that, while intended for legitimate setup tasks, could be exploited if the agent's logic is subverted by untrusted input data.
Audit Metadata