skills/mksteady/mkskills/audit-fix/Gen Agent Trust Hub

audit-fix

Fail

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script import-to-kanban.js is vulnerable to shell command injection because it uses execSync to run shell commands with unescaped variables (title, tags, desc) derived from the local filesystem. Maliciously named files or directories could lead to arbitrary code execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes and executes instructions from external AUDIT.md files.
      • Ingestion points: AUDIT.md file contents.
      • Boundary markers: None; the agent lacks instructions to ignore malicious directives within the audit reports.
      • Capability inventory: File system modification, Git repository operations, and execution of local Node.js scripts.
      • Sanitization: No validation or sanitization of the 'Suggestion' or 'Description' fields is performed before application.
  • [DATA_EXFILTRATION]: The skill accesses sensitive local paths such as ~/.claude/skills/, exposing internal agent scripts and configuration files to potentially malicious audit reports.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 27, 2026, 08:49 AM