throttling-apis

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from the {baseDir}/api-specs/ directory, creating a vulnerability surface for indirect prompt injection.
    • Ingestion points: The agent utilizes the Read tool to examine files in the {baseDir}/api-specs/ directory, as instructed in SKILL.md and references/implementation.md.
    • Boundary markers: The skill's instructions do not define any delimiters or explicit safety instructions to ensure the agent ignores embedded commands within the ingested data.
    • Capability inventory: The skill permits the use of Write, Edit, and Bash(api:throttle-*) tools, which represent significant capabilities that could be misdirected if an injection occurs.
    • Sanitization: There are no steps provided for the validation or sanitization of the content found within the API specification files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 05:22 PM