skill-adapter
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core design of reading and adopting methodologies from external, potentially untrusted files.
  - Ingestion points: The skill crawls and reads content from `plugins/community/`, `plugins/packages/`, and `plugins/examples/`, specifically targeting `plugin.json`, `commands/*.md`, `agents/*.md`, `skills/*/SKILL.md`, and `scripts/*.sh` or `*.py` files.
  - Boundary markers: Absent. The instructions do not specify any delimiters or safety markers to differentiate between trusted and untrusted content during analysis.
  - Capability inventory: The skill is configured with access to `Bash(cmd:*)`, `Read`, `Grep`, and `Glob` tools.
  - Sanitization: Absent. The instruction set in `SKILL.md` suggests directly applying the "learned methodology" to the user's task without content validation or sanitization of the extracted patterns.
- [COMMAND_EXECUTION]: The skill requests broad shell access via `Bash(cmd:*)`. This capability is intended to allow the agent to execute the logic it "learns" from other plugins, but it simultaneously provides an execution vector for malicious payloads embedded in the analyzed plugin files.
Audit Metadata