skill-development

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and analyze instructions from other skills' documentation files.
    • Ingestion points: The validation logic in scripts/quick_validate.py and scripts/validate_yaml_frontmatter.py reads content from SKILL.md and associated reference files within the audited skill directory.
    • Boundary markers: There are no explicit delimiters or specific 'ignore embedded instructions' warnings applied to the data being audited, which may allow an adversarial skill to influence the agent during the auditing process.
    • Capability inventory: The skill possesses the Read, Glob, Grep, and Skill tools, allowing it to explore the file system and trigger other agent capabilities.
    • Sanitization: The skill processes file contents using regular expressions for structural validation but does not provide sanitization for the instructional text that is ultimately presented to the language model.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 04:50 AM