Skills
skills/laurigates/claude-plugins/code-antipatterns-analysis/Gen Agent Trust Hub

code-antipatterns-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted source code and provides it to the agent for analysis.\n
  • Ingestion points: Source code files are read using Read, Grep, Bash(sg *), and Bash(rg *) tools as described in SKILL.md.\n
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore instructions embedded within the analyzed code.\n
  • Capability inventory: The agent can execute shell commands (Bash), write todos (TodoWrite), and manage tasks (Task).\n
  • Sanitization: No validation or sanitization of the input code is performed before analysis.\n- [COMMAND_EXECUTION]: The skill uses shell commands for structural code searching and JSON processing.\n
  • Evidence: SKILL.md contains multiple examples of ast-grep, ripgrep, and jq command strings intended for execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 04:57 PM