skills/jeremylongshore/claude-code-plugins-plus-skills/scanning-for-data-privacy-issues/Gen Agent Trust Hub
scanning-for-data-privacy-issues
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The Python scripts (scripts/config_validator.py, scripts/data_privacy_scan.py, and scripts/report_formatter.py) are benign templates that perform basic file system checks and JSON parsing using standard library modules. They contain no external dependencies, network operations, or dynamic code execution.
- [COMMAND_EXECUTION]: The skill requests permissions for Bash execution within 'security', 'scan', and 'audit' namespaces. While consistent with the tool's purpose as a security scanner, these broad permissions represent a capability surface that requires careful oversight during agent use.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from a codebase. * Ingestion points: Reads local files and directories using the Read, Grep, and Glob tools as defined in SKILL.md. * Boundary markers: Absent; the skill instructions do not provide delimiters or specific guidance for the agent to disregard instructions found within scanned content. * Capability inventory: The skill possesses Write, Edit, and broad Bash execution capabilities across multiple namespaces. * Sanitization: No sanitization, escaping, or validation of ingested content is performed by the provided scripts or instructions.
Audit Metadata