finops-compare
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes repository names and workflow metadata fetched via the GitHub API. An attacker with control over these names within the targeted organization could insert malicious instructions intended to manipulate the agent's behavior when it processes the script's output.
  - Ingestion points: Data is ingested from the GitHub API via `gh repo list` and `gh api` calls in `scripts/compare-repos.sh`.
  - Boundary markers: The output uses simple text headers (e.g., `=== Cache Usage ===`) which provide weak separation between instructions and data.
  - Capability inventory: The skill has access to `gh api`, `gh repo`, and `bash` tools, allowing it to perform various actions on GitHub repositories.
  - Sanitization: There is no evidence of sanitization or filtering of the metadata fetched from GitHub before it is presented to the agent.
- [COMMAND_EXECUTION]: The skill executes a local shell script `scripts/compare-repos.sh` with user-supplied arguments. While the script uses arrays and quoting to handle arguments safely, it provides a broad interface for interacting with the GitHub API.
Audit Metadata