nvim-plugins

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted local data from Neovim configuration files, which acts as a surface for indirect prompt injection if those files contain malicious instructions.
      • Ingestion points: Reads ~/.config/nvim/lazy-lock.json and all files within lua/plugins/*.lua to identify currently installed plugins.
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content or instructions embedded within these configuration files during the analysis phase.
      • Capability inventory: The skill utilizes Read, Write, Glob, and Task tools, allowing it to read the filesystem, write new configuration files, and delegate analysis to other agents.
      • Sanitization: The skill does not implement specific sanitization or validation logic for the content read from the local configuration files before processing it.
  • [COMMAND_EXECUTION]: The skill instructions specify the use of shell commands to inspect local system files.
      • Evidence: Explicitly calls cat ~/.config/nvim/lazy-lock.json within its workflow to retrieve plugin information.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 02:00 AM