skills/jeremylongshore/claude-code-plugins-plus-skills/managing-autonomous-development/Gen Agent Trust Hub
managing-autonomous-development
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is granted 'Bash(cmd:*)' permissions, which allows for the execution of any system command. This is a high-privilege capability that increases the risk of system compromise if the agent is misled.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it incorporates untrusted user data directly into shell commands.
  1. Ingestion points: User-supplied task names and parameters are parsed from requests defined in SKILL.md.
  2. Boundary markers: No delimiters or isolation techniques are used to separate user input from the command structure.
  3. Capability inventory: The skill has broad access to the system via Bash, Read, Write, and Edit tools.
  4. Sanitization: There is no documented logic for sanitizing or escaping user input before it is executed in the shell environment.