skills/jeremylongshore/claude-code-plugins-plus-skills/schema-optimization-orchestrator/Gen Agent Trust Hub
schema-optimization-orchestrator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to create run-specific directories and execute a local, deterministic analysis script ('scripts/analyze_field_utilization.sh'). The script is self-contained, performs basic data aggregation using 'jq', and does not engage in network activity or privilege escalation.\n- [PROMPT_INJECTION] (LOW): The skill presents a surface for Indirect Prompt Injection (Category 8) because it ingests and processes untrusted external data.\n
- Ingestion points: Files (JSON/CSV) within the user-specified 'input_folder' are read by Phase 1 and 2 agents and the verification script.\n
- Boundary markers: There are no instructions defining boundary markers or explicit directives for agents to ignore instructions embedded within the ingested schema metadata (e.g., field descriptions).\n
- Capability inventory: The orchestrator has 'Read', 'Write', 'Bash', and 'Task' tools, allowing it to execute system commands and spawn sub-tasks based on the results of its analysis.\n
- Sanitization: No sanitization or validation of the content within the schema files is implemented before the data is passed to subsequent agent phases.
Audit Metadata