skills/jeremylongshore/claude-code-plugins-plus/scanning-for-data-privacy-issues/Gen Agent Trust Hub
scanning-for-data-privacy-issues
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from source code, logs, and database schemas that may contain malicious instructions. Ingestion points: File content from the target codebase, including logs and configuration files. Boundary markers: Instructions do not define delimiters or ignore-behavior for content within the analyzed files. Capability inventory: The skill allows the use of high-privilege tools such as
Bash,Write, andEdit. Sanitization: There is no evidence of sanitization or validation of the content processed from external files.
Audit Metadata