processing-api-batches

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It is designed to read and process external API specifications from the {baseDir}/api-specs/ directory and use that information to generate source code and execute bash commands. This configuration allows potentially malicious instructions embedded in the specifications to influence the agent's actions.
  • Ingestion points: The agent reads untrusted data from {baseDir}/api-specs/ as indicated in SKILL.md and references/implementation.md.
  • Boundary markers: There are no boundary markers or instructions provided to the agent to ignore or isolate instructions that may be contained within the processed files.
  • Capability inventory: The skill employs tools including Write, Edit, and Bash(api:batch-*), which could be exploited if the agent follows instructions from a malicious input file.
  • Sanitization: No sanitization, escaping, or validation of the external content is implemented before it is used to drive agent actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 12:29 AM