create-cowork-plugin
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local system utilities (zip, cp) and an environment-specific validation tool (claude plugin validate) during the packaging phase to deliver the final plugin artifact to the outputs directory.
- [SAFE]: The skill serves as a legitimate scaffolding engine for developers. All operations are transparent and consistent with the intended purpose of creating structured plugin components (Skills, Commands, Agents).
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing untrusted user input to generate instructions for the created plugin files. Ingestion points: User requirements via AskUserQuestion; Boundary markers: Absent in generated files; Capability inventory: Write, Edit, Bash; Sanitization: Absent.
Audit Metadata