plugin-installer

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to manage plugins, including 'pip install', 'python ./plugin_installer.py', and various 'npx skills' commands.
  • [EXTERNAL_DOWNLOADS]: The skill uses 'npx skills add' to download components from the vendor's repository at 'github.com/richfrem/agent-plugins-skills'. These resources are owned by the skill author and represent legitimate functionality.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes and installs rules and commands from local plugin directories into the agent's configuration. Ingestion points include 'plugins//rules/' and 'commands/'. It utilizes '' tags as boundary markers when appending rules to 'CLAUDE.md'. The skill has file-write and script-execution capabilities, though no explicit sanitization logic for the plugin content is described in the documentation.
  • [NO_CODE]: The core logic for installation and bridging is contained in external Python scripts ('plugin_installer.py' and 'install_all_plugins.py') that are referenced via relative paths rather than being included in the skill's direct directory structure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 06:08 PM