skills/jeremylongshore/claude-code-plugins-plus-skills/security-headers-generator/Gen Agent Trust Hub
security-headers-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, NO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to ingest untrusted user input to generate security configurations and code.
  - Ingestion points: User requests mentioning "security headers generator" (SKILL.md).
  - Boundary markers: None present to delimit user input from agent instructions.
  - Capability inventory: Access to Write and Bash(npm:*) allows for file modification and arbitrary command execution.
  - Sanitization: No sanitization or validation logic is defined to prevent instructions embedded in data from being executed.
- External Downloads (MEDIUM): The skill explicitly permits the use of the npm package manager within a Bash shell.
  - Evidence: allowed-tools: ..., Bash(npm:*) in the YAML frontmatter.
  - Risk: This allows the agent to download and execute any package from the public npm registry at runtime, which is a major supply chain risk if the agent is manipulated via prompt injection.
- No Implementation Code (LOW): The skill consists only of metadata and natural language instructions without any executable scripts.
  - Evidence: Only SKILL.md is provided; no referenced scripts or configurations exist.
  - Risk: The lack of concrete code makes the skill's behavior entirely dependent on the LLM's interpretation, which is less predictable and harder to secure than audited code.
Recommendations
- AI detected serious security threats
Audit Metadata