skills/jeremylongshore/claude-code-plugins-plus-skills/scanning-input-validation-practices/Gen Agent Trust Hub
scanning-input-validation-practices
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is inherently vulnerable to indirect prompt injection because it processes untrusted external codebase data which may contain adversarial instructions designed to influence agent behavior.
  - Ingestion points: Recursive directory scanning and file reading are performed by the scripts 'codeql_scan.sh' and 'semgrep_scan.sh'.
  - Boundary markers: No clear boundaries or instructions are provided to the agent to distinguish between the code being analyzed and potential malicious instructions embedded within it.
  - Capability inventory: The skill utilizes powerful tools including 'Bash(security:*)', 'Read', 'Write', and 'Edit', which could be leveraged if an injection is successful.
  - Sanitization: There is no evidence of content sanitization or instruction filtering applied to the scanned files before they are read into the agent's context.
Audit Metadata