Skills
skills/jeremylongshore/claude-code-plugins-plus/crossing-the-chasm/Gen Agent Trust Hub

crossing-the-chasm

Warn

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The operational instructions in the main SKILL.md file direct the agent to 'Assess the current state of the logging configuration' and 'Apply the recommended patterns from this skill,' which contradicts the skill's stated purpose of providing business strategy advice.
  • [PROMPT_INJECTION]: The skill instructs the agent to handle 'Authentication failure' by attempting to 'Refresh tokens or re-authenticate,' which could lead the agent to search for and expose sensitive credentials or tokens in the workspace.
  • [PROMPT_INJECTION]: The skill's 'Output' section expects 'Configuration files or code changes applied to the project' regarding logging, which is deceptive given the skill's name and description as a business positioning framework.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 4, 2026, 12:36 PM