verify-worktree-plugins
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The script `verify-worktree-plugins.sh` performs multiple command-line operations including using `grep` to check files, `sed` and `awk` to modify content, and `chmod +x` to change file permissions on scripts within the `~/.claude` directory. Additionally, the skill's instructions suggest implementing a TypeScript hook (`context-compression-hook.ts`) that uses `execSync` from `node:child_process` to run git commands during process compaction.
- [PROMPT_INJECTION]: The skill is designed to inject instructions into the `SKILL.md` files of other plugins (specifically `compound-engineering` and `superpowers`). These patches use 'CRITICAL' and 'IMPORTANT' markers to provide directions that override or supplement the agent's behavior when using those plugins. This represents a capability for one skill to modify the instructional baseline of other agent skills.
Audit Metadata