skills/jeremylongshore/claude-code-plugins-plus-skills/webhook-receiver-generator/Gen Agent Trust Hub
webhook-receiver-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No override or bypass markers were detected in the skill description or metadata.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found.
- [COMMAND_EXECUTION] (SAFE): Although the skill requests 'Bash' and 'Write' permissions, no automated or suspicious command execution logic is present in the provided file.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to generate webhook receivers, which by nature ingest untrusted external data. This creates a potential surface for indirect injection attacks.
- Ingestion points: Webhook payloads (SKILL.md).
- Boundary markers: Absent; no delimiters or warnings for embedded instructions are specified.
- Capability inventory: Read, Write, Edit, Bash, Grep tools enabled.
- Sanitization: No sanitization or validation logic is defined in the documentation.
Audit Metadata