mock-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill demonstrates a significant attack surface for indirect injection.
      • Ingestion points: Processes external files and codebases via 'Read' and 'Grep' tools.
      • Boundary markers: Absent; no instructions define how to distinguish data from instructions.
      • Capability inventory: Possesses 'Bash', 'Write', and 'Edit' tools, allowing for system-level changes.
      • Sanitization: None; the skill lacks procedures to filter or escape instructions embedded in processed source code or test files.
  • [Privileged Tool Access] (MEDIUM): Enabling the 'Bash' tool for automated test generation introduces a high-impact vector for command injection if the agent is manipulated by adversarial data.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 07:28 AM