plugin-validator

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the shellcheck utility through subprocess.run to analyze the contents of shell scripts within a plugin. This is a legitimate use case for a validation tool.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run structural validation scripts that utilize jq for parsing and verifying JSON manifest files.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data by reading and analyzing plugin files (plugin.json, hooks/*.sh, hooks/*.py) provided by the user. While the auditing is performed via regex and static analysis, the exposure of this data to the agent represents a potential surface for indirect prompt injection, though no specific exploits were found.
  • [PROMPT_INJECTION]: The SKILL.md file contains a 'Post-Execution Reflection' section that instructs the agent to self-modify its own instructions and logs based on its performance. While these instructions are designed for autonomous improvement, they utilize imperative language and direct the agent to edit its own skill files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 4, 2026, 09:51 AM