auditing-access-control

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from local codebases and configuration files.
    • Ingestion points: IAM policy files, RBAC configurations, ACL definitions, and API route handlers identified via Glob and Grep in SKILL.md.
    • Boundary markers: No specific delimiters or instructions are provided to the agent to distinguish between its own logic and instructions potentially embedded in the audited files.
    • Capability inventory: The skill uses Read, Write, Edit, and Bash (with restricted profiles) to perform its tasks, including writing report files via scripts/access_control_audit.py.
    • Sanitization: No explicit sanitization or validation of the ingested content is described before processing.
  • [COMMAND_EXECUTION]: The skill requires the use of shell utilities and cloud CLI tools for its auditing functions.
    • Evidence: SKILL.md directs the agent to use grep and find for scanning. It also specifies the use of aws iam, gcloud, and az role CLI tools to audit cloud configurations. These operations are consistent with the skill's purpose as an access control auditor.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 08:00 PM