blueprint-adr-list

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (MEDIUM): The skill is vulnerable to indirect prompt injection because it interpolates data from untrusted local files directly into its output.
      • Ingestion points: Files matching docs/adrs/*.md are read and parsed using awk.
      • Boundary markers: None. The extracted fields are placed directly into a markdown table without delimiters that would signal to the agent to treat the data as untrusted.
      • Capability inventory: The skill uses bash, fd, awk, and grep to read the filesystem and generate text for the agent's context.
      • Sanitization: There is no logic to escape markdown, filter out instructions, or validate the format of the extracted 'title', 'status', or 'date' fields. An attacker could craft an ADR file where the title contains a hidden injection payload.
  • COMMAND_EXECUTION (LOW): Uses fd, awk, and grep via bash to traverse the filesystem and process file contents. While these are standard utilities, they are being used to process files whose contents are not fully controlled by the skill itself.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 12:45 PM