plugin-dev
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Executes project-local validation scripts (bun scripts/validate-plugins.mjs) and auditing scripts (bash plugins/plugin-dev/scripts/audit-hooks.sh) to verify plugin integrity and code quality.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes untrusted plugin metadata and scripts from the workspace, which represents an attack surface for indirect prompt injection. 1. Ingestion points: Processes frontmatter from SKILL.md files and source code from .sh and .py script files. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading or reporting file contents. 3. Capability inventory: Access to Bash, Grep, Glob, and Read tools allows for filesystem operations. 4. Sanitization: Logic is deferred to external scripts; the skill does not explicitly sanitize or escape file content before it is processed by the agent.
Audit Metadata