Skills
skills/laurigates/claude-plugins/docs-decommission/Gen Agent Trust Hub

docs-decommission

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions specifically direct the agent to list "API keys, service accounts, and IAM roles" and require "Specific resource identifiers". This may result in the agent including actual secret values in the generated markdown documentation file.
  • [COMMAND_EXECUTION]: The skill is permitted to use Bash(find *) and Bash(ls *) for discovering resources. While restricted to directory listings, this provides the agent with broad visibility into the file system structure and file names.
  • [PROMPT_INJECTION]: The skill ingests an untrusted <service-name> argument which is used to construct file names and documentation content.
  • Ingestion points: The <service-name> argument provided in SKILL.md.
  • Boundary markers: No delimiters or instructions are provided to separate the input argument from the core logic.
  • Capability inventory: The skill has access to file writing and shell tools including Write, Edit, Bash, and Grep.
  • Sanitization: No validation or escaping is applied to the input argument to prevent it from influencing the agent's behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:18 AM