Skills
skills/laurigates/claude-plugins/blueprint-curate-docs/Gen Agent Trust Hub

blueprint-curate-docs

Fail

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements Claude Code dynamic context injection using the ! syntax in SKILL.md. The command find . -maxdepth 1 \( -name package.json -o -name pyproject.toml -o -name requirements.txt \) -exec grep -m1 "^$1[\":@=]" {} + executes shell commands automatically when the skill is loaded. By including the unsanitized user argument $1 directly in the command string, the skill is vulnerable to command injection, allowing an attacker to execute arbitrary shell commands.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from the internet to build AI context files.\n
  • Ingestion points: Data is collected from external URLs using WebFetch and WebSearch in the 'Research and gather documentation' step.\n
  • Boundary markers: There are no markers or instructions to delimit or ignore instructions within the fetched web content.\n
  • Capability inventory: The skill uses Bash, Write, and Read tools, which could be abused if malicious instructions are processed.\n
  • Sanitization: The skill does not sanitize the external documentation before writing it to files in the docs/blueprint/ai_docs directory.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 21, 2026, 01:17 AM