skills/shunsukehayashi/miyabi-claude-plugins/Growth Analytics and Dashboard Management/Gen Agent Trust Hub
Growth Analytics and Dashboard Management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- General Security (SAFE): The file consists entirely of markdown documentation, tables, and mathematical formulas for business analysis. No executable scripts, obfuscated payloads, or hardcoded credentials were found.
- Indirect Prompt Injection (LOW): The skill is configured to use tools that ingest untrusted external data (WebFetch, Read) while also having access to tools that can modify the system or execute code (Bash, Write). This configuration creates an attack surface where instructions embedded in external metrics or websites could potentially influence the agent's behavior.
- Ingestion points: Uses WebFetch for external data and Read for local files.
- Boundary markers: Absent; there are no instructions to the agent to disregard commands found within fetched data.
- Capability inventory: Includes Bash (subprocess execution) and Write (file system access).
- Sanitization: No logic is present to sanitize or validate external inputs before they are processed by the agent or passed to tools.
Audit Metadata