Skills
skills/mwguerra/claude-code-plugins/queue/Gen Agent Trust Hub

queue

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local TypeScript scripts using the Bun runtime (e.g., bun run "${CLAUDE_PLUGIN_ROOT}"/scripts/queue.ts).
  • [COMMAND_EXECUTION]: The database schema in references/schema-reference.md defines multiple fields intended to store and execute shell commands, including scaffold_command, run_command, test_command, and run_instructions.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection via untrusted data stored in the database.
  • Ingestion points: Data is read from the articles and settings tables in the .article_writer/article_writer.db SQLite database, specifically from fields like title, sources_used, and companion_project.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are documented for the data fields.
  • Capability inventory: The skill possesses the ability to execute commands via bun run and potentially via the command strings stored in the database's JSON columns.
  • Sanitization: There is no evidence of sanitization or validation logic to prevent malicious command injection within the command-bearing fields.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 11:29 AM