skills/jeremylongshore/claude-code-plugins-plus-skills/juicebox-migration-deep-dive/Gen Agent Trust Hub
juicebox-migration-deep-dive
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests administrative-level permissions in the metadata via
Bash(kubectl:*)andBash(curl:*). These tools are intended for performing bulk data imports and managing transformation pipelines in enterprise environments, though they represent a significant capability surface. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its primary function of ingesting and processing data from external sources such as LinkedIn Recruiter, Greenhouse, Lever, and CSV exports.
- Ingestion points: Data entering via exports from LinkedIn Recruiter, Greenhouse, Lever, and local CSV/Excel files.
- Boundary markers: Absent; there are no specific instructions to the agent to ignore or delimit embedded instructions within the source data.
- Capability inventory: The agent has access to
Read,Write,Edit,Bash(kubectl:*), andBash(curl:*)permissions. - Sanitization: The provided code snippets perform structural validation and field mapping but do not include content sanitization to prevent the execution of instructions embedded in data fields.
Audit Metadata