Skills
skills/jeremylongshore/claude-code-plugins-plus/cursor-indexing-issues/Gen Agent Trust Hub

cursor-indexing-issues

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the user or agent to execute shell commands with sudo to modify the system configuration file /etc/sysctl.conf and reload system parameters (sudo sysctl -p), which represents a privilege escalation pattern and high-risk system modification.
  • [COMMAND_EXECUTION]: The skill provides commands for the recursive deletion of application cache directories using rm -rf on macOS and Linux, or Remove-Item -Recurse on Windows. These operations are inherently risky and could lead to data loss if path interpolation is manipulated.
  • [PROMPT_INJECTION]: The skill demonstrates a vulnerability to indirect prompt injection by processing untrusted user input (descriptions of indexing symptoms) while maintaining access to powerful system tools like Bash. * Ingestion points: User-provided descriptions of indexing errors and symptoms (SKILL.md). * Boundary markers: Absent. * Capability inventory: Arbitrary shell command execution via the Bash tool, along with Read, Write, and Edit permissions (SKILL.md). * Sanitization: None identified; the skill directly suggests command execution based on symptoms.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 4, 2026, 03:56 PM