call-chain

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a find command to discover the path of a script named graph_query.py in the ~/.claude/plugins directory and then executes it using python3. This runtime determination of an executable's path is a dynamic execution pattern.
  • [PROMPT_INJECTION]: The skill's fallback logic interpolates user-provided function names into shell commands (rg or grep) without sanitization. This creates an indirect prompt injection surface for command injection.
      1. Ingestion points: Function names or entry points from user input in SKILL.md.
      2. Boundary markers: None present.
      3. Capability inventory: Execution of rg and grep shell commands in SKILL.md.
      4. Sanitization: No input validation or escaping of the user-provided function name before shell interpolation.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 9, 2026, 07:37 AM