Skills
skills/laurigates/claude-plugins/vault-stubs/Gen Agent Trust Hub

vault-stubs

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill identifies and processes markdown files within the vault, which constitutes an attack surface if those files contain malicious instructions.
  • Ingestion points: Content is read from markdown files in the FVH/z/ and Zettelkasten/ directories (SKILL.md).
  • Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore embedded commands within the processed files.
  • Capability inventory: The skill uses Read, Edit, Write, Grep, and Glob tools, and executes local shell commands including fd, rg, wc, and sort.
  • Sanitization: There is no evidence of content validation or escaping before the agent performs merges or promotions.
  • [COMMAND_EXECUTION]: The skill provides shell commands for identifying and analyzing stubs.
  • Evidence: The 'Detection' section includes shell pipelines using fd, wc, sort, and rg to find markdown files and evaluate their size or tag content. These operations are restricted to the local workspace and use standard utilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:17 AM