schema-validator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill's purpose is to process and validate external data (schemas, ETL patterns), while simultaneously requesting high-privilege tools including 'Bash', 'Write', and 'Edit'. This combination creates a high-risk capability tier where malicious instructions embedded in a schema could be executed by the agent.
  - Ingestion points: Data pipeline schemas and transformation request inputs.
  - Boundary markers: Absent; no instructions provided to delimit or ignore instructions within data.
  - Capability inventory: 'Bash', 'Write', 'Edit', 'Read', and 'Grep'.
  - Sanitization: None; the skill lacks logic to sanitize or validate the safety of the content it processes.
- [Command Execution] (MEDIUM): The skill requests 'Bash' tool access. For a schema validation task, providing shell access violates the principle of least privilege and increases the impact of any successful injection.
- [No Code] (INFO): The skill consists only of metadata and descriptions in a markdown file. No actual implementation logic or scripts are provided, preventing a complete review of its operational behavior.
Recommendations
- AI detected serious security threats