Skills
skills/l3digital-net/claude-code-plugins/gap-analysis/Gen Agent Trust Hub

gap-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from local source and test files, which presents a surface for indirect prompt injection.
  • Ingestion points: Local source files and test files are read to determine coverage (SKILL.md, Step 3, 4, and 5).
  • Boundary markers: No specific delimiters or safety instructions are defined for the content being read from source files.
  • Capability inventory: The skill performs file read operations and includes a procedure to write new skill files to the filesystem (SKILL.md, Step 1).
  • Sanitization: No sanitization or validation logic is specified for the content extracted from the files before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 01:37 PM