project-discovery

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill ingests untrusted data from the target project which could be used to influence the agent's behavior.
    • Ingestion points: Reads external data from README.md (via head), git log output, and manifest files like package.json (via jq).
    • Boundary markers: Results are formatted into a structured summary template, but the skill does not utilize specific delimiters or defensive instructions to prevent the agent from obeying commands embedded within the analyzed files.
    • Capability inventory: The skill is authorized to use Bash, Read, Grep, and TodoWrite tools.
    • Sanitization: No explicit sanitization or filtering of instructions within the ingested content is performed beyond standard shell utility output processing.
  • [COMMAND_EXECUTION]: Uses local shell scripts (discover.sh and analyze-skills.sh) to execute environment-gathering commands including git, jq, ls, and find. These commands are used strictly for project metadata extraction and orientation within the local file system.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 01:21 PM