plugin-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its core function is auditing external, potentially untrusted code.
    • Ingestion points: The skill ingests untrusted data by reading files from plugin directories (referenced as plugins/plugin-name/) using the Read, Grep, and Bash tools.
    • Boundary markers: The instruction set defines no delimiters around audited content and does not tell the agent to disregard instructions embedded within the files being audited.
    • Capability inventory: The skill has access to powerful tools, including Read, Grep, and Bash(cmd:*), which increases the potential impact if a malicious instruction in an audited file is followed.
    • Sanitization: No mechanism is described for sanitizing or validating the content of audited files before it enters the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 11:28 PM