design
Warn
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill initiates a download of external code from the repository `pbakaus/impeccable` using the `npx` package runner if sub-skills are missing from the environment.
- [COMMAND_EXECUTION]: The skill executes shell commands (`npx skills add ...`) to modify the system state and install new capabilities automatically when a selected tool is unavailable.
- [PROMPT_INJECTION]: The skill maps untrusted user input to the execution of specific tools.
  - Ingestion points: User input from the menu prompt (number or natural language) in `SKILL.md`.
  - Boundary markers: Instructs the agent to confirm with the user before proceeding if natural language input is used.
  - Capability inventory: Execution of shell commands (`npx`) and invocation of other skills via the `Skill` tool.
  - Sanitization: Uses a static lookup table to map user inputs to a specific set of allowed skill names.
Audit Metadata