Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/skill-adapter/Gen Agent Trust Hub

skill-adapter

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill functions as a 'skill chameleon' that extracts and applies patterns from other plugins. This design creates a surface for indirect prompt injection where malicious instructions hidden in a plugin's documentation or code could influence the agent's behavior.
  • Ingestion points: Extracts capability patterns from plugins/community/, plugins/packages/, and plugins/examples/ (referenced in SKILL.md).
  • Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions within the analyzed plugins.
  • Capability inventory: The skill utilizes Bash(cmd:*), Read, Grep, and Glob (referenced in SKILL.md).
  • Sanitization: Absent; the skill does not perform validation or sanitization on the content extracted from external plugins before applying it to the current task.
  • [COMMAND_EXECUTION]: The skill requests unrestricted bash access (Bash(cmd:*)) to facilitate plugin discovery and analysis using tools like find and grep. While used for legitimate functionality in the provided scripts (e.g., plugin_analyzer.py), the broad scope of the permission increases the potential impact of any command injection or malicious influence from external plugins.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 09:34 AM