create-plugin
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes common shell utilities such as `mkdir` and `cat` to create directories and write configuration files for plugin development. This behavior is consistent with the skill's primary purpose.
- [COMMAND_EXECUTION]: The skill suggests the execution of a local validation script `./scripts/validate-all-plugins.sh` to verify the generated plugin structure.
- [INDIRECT_PROMPT_INJECTION]: The skill creates an attack surface by establishing a directory structure for commands and agents that will be parsed by an LLM in the future.
  1. Ingestion points: Files created within the `commands/`, `agents/`, and `skills/` directories.
  2. Boundary markers: No explicit boundary markers or 'ignore' instructions are provided for the generated files.
  3. Capability inventory: The skill facilitates the creation of markdown and script files which may contain executable logic.
  4. Sanitization: No sanitization or validation of the content being written to these files is performed by the skill itself.
- [PROMPT_INJECTION]: Emphasized language such as 'CRITICAL' and 'IMPORTANT' is used to define the required manifest schema and registration workflow, which does not constitute an attempt to bypass security guardrails.
Audit Metadata