skills/shunsukehayashi/miyabi-claude-plugins/Project Setup and Miyabi Integration/Gen Agent Trust Hub
Project Setup and Miyabi Integration
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to indirect prompt injection through the processing of untrusted project metadata.
- Ingestion points: User-provided project names, package names, and author information are used to populate templates.
- Boundary markers: Absent. The skill lacks delimiters to separate instructions from data during file generation.
- Capability inventory: High capability including Bash execution, Write, and Edit operations, allowing for significant filesystem and system state changes.
- Sanitization: No evidence of input validation or escaping for shell-sensitive characters in user-provided strings.
- [COMMAND_EXECUTION] (MEDIUM): The skill generates and executes complex shell scripts (Pattern 1, 2, and 3) to perform project setup, which could be exploited if pathnames or variables are manipulated.
- [DATA_EXFILTRATION] (SAFE): No unauthorized network activity or sensitive data access was detected. Access to .env.example is for template creation only.
Recommendations
- AI detected serious security threats
Audit Metadata