kpi-definition-helper

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted external content (user-provided KPI definitions and requests) while possessing high-privilege capabilities including Bash, Write, and Edit.
      • Ingestion points: User requests and KPI patterns provided in conversational context.
      • Boundary markers: Absent. No instructions are provided to delimit data from instructions.
      • Capability inventory: Read, Write, Edit, Bash, Grep.
      • Sanitization: Absent. No filtering or validation of user-provided content is specified before passing to tools like Bash.
  • [Command Execution] (MEDIUM): The skill explicitly allows the Bash tool. While no malicious commands are hardcoded, the combination of Bash access with untrusted input processing (Category 8) poses a risk of command injection via the agent.
  • [No Code] (INFO): The skill contains only metadata and descriptive markdown with no functional scripts or implementation logic provided, making its actual behavior dependent on the base agent's interpretation of its capabilities.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:29 AM