agent-development

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Tags: PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • Prompt Injection (MEDIUM): The skill promotes and uses behavioral override instructions (e.g., 'MUST BE USED', 'Use PROACTIVELY') in both its documentation and its own plugin.json metadata, in order to hijack the agent's normal delegation logic.
  • Data Exfiltration (MEDIUM): Recommends a blanket allowlist for WebFetch(domain:*) together with a wide range of Bash commands (e.g., grep, cat, find) in .claude/settings.json. Combined, these let an agent that is compromised or that processes malicious input read arbitrary files and send their contents to any host, a silent data-exfiltration path.
  • Persistence Mechanisms (LOW): Provides instructions for persistently modifying shell profiles (~/.bashrc, ~/.zshrc) to set environment variables. The stated intent is performance, but it establishes a pattern of persistent environment modification that survives across sessions.
  • Indirect Prompt Injection (LOW): Encourages a 'Give All Tools to All Agents' philosophy without guidance on sanitizing untrusted content or delimiting it with boundary markers, which widens the attack surface whenever agents process untrusted data. Ingestion points: rules/custom-agent-instructions.md. Capability inventory: Read, Write, Edit, Glob, Grep, Bash.
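The Data Exfiltration finding above is easiest to see by putting the blanket allowlist next to a tightened one and checking both mechanically. The script below is an added example written for this page, not code from the skill or from Gen Agent Trust Hub. It embeds two constructed .claude/settings.json documents: the rule strings WebFetch(domain:*) and Bash(grep/cat/find) come from the audit text, while the permissions.allow/permissions.deny layout, the other rule strings (e.g. Bash(git diff:*), Read(./.env)) and the hypothetical host docs.example.com are assumptions made for illustration. audit_allowlist() flags the rules that, together, create the exfiltration path: an unrestricted outbound fetch, a network-capable shell command, or a file-reading command allowed with wildcard arguments.

```python
import json
import re
from typing import List

# Constructed sample: the blanket allowlist the audit describes.
# Rule syntax is Tool or Tool(argument-pattern); layout assumed.
PERMISSIVE_SETTINGS = json.dumps({
    "permissions": {
        "allow": [
            "WebFetch(domain:*)",   # fetch from any host
            "Bash(grep:*)",         # grep with any arguments
            "Bash(cat:*)",
            "Bash(find:*)",
            "Bash(curl:*)",         # assumed extra rule: network-capable
            "Read",
            "Write",
        ],
        "deny": [],
    }
})

# Constructed counterpart: fetches pinned to one hypothetical host,
# shell commands enumerated, secrets and network tools denied.
TIGHTENED_SETTINGS = json.dumps({
    "permissions": {
        "allow": [
            "WebFetch(domain:docs.example.com)",
            "Bash(git diff:*)",
            "Bash(npm test)",
            "Read",
        ],
        "deny": [
            "Read(./.env)",
            "Read(./secrets/**)",
            "Bash(curl:*)",
            "Bash(wget:*)",
        ],
    }
})

# Tool[(arg)] -- the arg is everything between the outer parentheses.
RULE_RE = re.compile(r"^(?P<tool>\w+)(?:\((?P<arg>.*)\))?$")

# Shell commands that can move data off-host by themselves.
EXFIL_CAPABLE = {"curl", "wget", "nc", "ncat", "ssh", "scp", "rsync",
                 "python", "python3", "perl"}
# Shell commands that, with wildcard arguments, read any readable file.
FILE_READERS = {"cat", "grep", "find", "head", "tail", "less", "sed",
                "awk", "xargs"}


def audit_allowlist(settings_json: str) -> List[str]:
    """Return one finding string per over-broad allow rule (empty if clean)."""
    settings = json.loads(settings_json)
    allow = settings.get("permissions", {}).get("allow", [])
    findings: List[str] = []
    for rule in allow:
        m = RULE_RE.match(rule)
        if not m:
            findings.append(f"{rule}: unparseable rule")
            continue
        tool, arg = m.group("tool"), m.group("arg")
        if tool == "WebFetch" and arg in (None, "domain:*"):
            findings.append(f"{rule}: outbound fetch to any host (exfil channel)")
        elif tool == "Bash":
            if arg is None or arg == "*":
                findings.append(f"{rule}: unrestricted shell")
                continue
            # 'cmd:*' means cmd with any arguments; 'cmd args' is an exact call.
            cmd = arg.split(":", 1)[0].strip()
            if cmd in EXFIL_CAPABLE:
                findings.append(f"{rule}: network-capable command allowed")
            elif cmd in FILE_READERS and arg.endswith(":*"):
                findings.append(f"{rule}: {cmd} with wildcard args reads any file")
    return findings


if __name__ == "__main__":
    for label, doc in (("permissive", PERMISSIVE_SETTINGS),
                       ("tightened", TIGHTENED_SETTINGS)):
        print(f"[{label}]")
        for f in audit_allowlist(doc) or ["no findings"]:
            print("  -", f)
```

Against the permissive document the script reports five rules (the wildcard fetch, curl, and the three wildcard file readers); against the tightened one it reports none. The point of the pairing is that neither half is dangerous alone: wildcard file reads need an outbound channel, and an open WebFetch needs something worth sending. Denying network tools and pinning fetch domains removes the channel even if the skill's broad read allowances are kept.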
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 04:42 PM