code-antipatterns

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [DYNAMIC_CONTEXT_INJECTION]: The skill uses the !`command` pattern in the Context section to execute find commands. These commands are used to identify relevant file types within the project. These are benign, read-only operations intended to provide the agent with situational awareness.
  • [COMMAND_EXECUTION]: The skill utilizes bash to run ast-grep and ripgrep. Safety is maintained by the allowed-tools configuration in the YAML frontmatter, which restricts bash usage specifically to the sg and rg commands, preventing the execution of arbitrary or malicious shell commands.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface as it reads and analyzes codebase files which may contain untrusted content.
      • Ingestion points: Files are read using Read, Grep, and ast-grep (SKILL.md).
      • Boundary markers: Not explicitly defined for the content of the files being analyzed to separate code from potential embedded instructions.
      • Capability inventory: Limited to Bash(sg/rg), Read, Glob, Grep, TodoWrite, and Task (SKILL.md).
      • Sanitization: No specific sanitization or filtering of external content is mentioned. The risk is limited to influencing the analysis report generated by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 01:17 AM