plugin-maintenance
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts to perform ecosystem maintenance. Evidence: usage of plugins/plugin-manager/scripts/audit_structure.py, sync_with_inventory.py, and generate_readmes.py.
- [EXTERNAL_DOWNLOADS]: Includes instructions to clone the plugin repository from the author's official GitHub account (github.com/richfrem/agent-plugins-skills.git) if the vendor directory is missing. This targets a verified vendor resource.
- [PROMPT_INJECTION]: The skill processes external plugin metadata (plugin.json, SKILL.md), which presents an indirect prompt injection surface.
  - Ingestion points: Reads configuration and skill definition files from the plugins/ directory.
  - Boundary markers: Implements a mandatory interactive discovery phase and a 'Recap-Before-Execute' confirmation protocol.
  - Capability inventory: Authorized to use Bash for script execution and Write for documentation scaffolding.
  - Sanitization: Includes an explicit audit checklist designed to identify and flag command injection vectors (shell=True) and hardcoded credentials in the analyzed content.
- [SAFE]: Implements comprehensive safety protocols, including a requirement for a dry-run pass before any live synchronization or cleanup operations to prevent accidental data loss.