Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/plugin-validator/Gen Agent Trust Hub

plugin-validator

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash(cmd:*) to execute arbitrary commands and specifically directs the agent to run scripts from the repository being validated, such as './scripts/validate-all-plugins.sh', which are not part of the skill's own payload.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it reads and processes content from untrusted external plugin files.
  • Ingestion points: The skill ingests data from plugin.json, README.md, and various component source files during the validation process.
  • Boundary markers: No delimiters or instructions are used to ensure the agent ignores embedded instructions within the ingested content.
  • Capability inventory: The agent has access to Bash(cmd:*), Read, and Grep tools when analyzing potentially malicious data.
  • Sanitization: No sanitization or safety checks are applied to the external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 11:28 PM