Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/nginx-ingress-manager/Gen Agent Trust Hub

nginx-ingress-manager

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMNO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): High-risk attack surface due to the combination of data ingestion and powerful tool access without defined safeguards.
  • Ingestion points: The skill is designed to use Read and Grep to process Kubernetes manifests and Ingress configurations (SKILL.md).
  • Boundary markers: None; there are no instructions or delimiters to prevent the agent from obeying commands embedded in the data it reads.
  • Capability inventory: The skill is granted Bash, Write, and Edit tools, allowing for arbitrary command execution and file system modification.
  • Sanitization: No sanitization or validation protocols are described to filter malicious input from ingested files.
  • [Command Execution] (LOW): The manifest explicitly requests the Bash tool. While no malicious command strings are found in the documentation, granting shell access to an agent processing DevOps infrastructure should be reviewed for least-privilege compliance.
  • [No Code] (INFO): The skill consists only of a Markdown manifest. No external scripts or executable logic files were provided for analysis.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 02:55 AM