create-expert

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill generates templates that process untrusted user input without implementing boundary markers or sanitization, creating a vulnerability to indirect prompt injection.
  • Ingestion points: The generated files question.md, plan.md, and plan-build-improve.md all interpolate the $ARGUMENTS variable directly into the prompt context.
  • Boundary markers: The generated instructions lack delimiters (e.g., XML tags or triple quotes) or specific system instructions to ignore potential commands embedded within user-provided text.
  • Capability inventory: The generated workflows enable powerful capabilities, including filesystem modification (Edit, Write) and command-line execution (Bash), which could be abused if an injection occurs.
  • Sanitization: No input validation or escaping mechanisms are provided in the scaffolding logic to sanitize the arguments before they are written to the target files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 04:21 AM