Skills
skills/commontoolsinc/labs/pattern-deploy/Gen Agent Trust Hub

pattern-deploy

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to search for identity keys using a bash command that scans both the local project directory and the user's home directory (specifically ~/.claude/*.key).\n- [DATA_EXFILTRATION]: The discovery of sensitive private key files represents a risk of credential exposure, as these materials could be leaked if the agent logs or returns the output of the search command.\n- [PROMPT_INJECTION]: The skill identifies a workflow for deploying and testing external pattern files (packages/patterns/[name]/main.tsx), which creates an entry point for indirect prompt injection.\n
  • Ingestion points: Content is read from packages/patterns/[name]/main.tsx during deployment and testing.\n
  • Boundary markers: The skill does not provide delimiters or instructions to ignore embedded prompts within the pattern files.\n
  • Capability inventory: The agent uses deno task to execute, update, and test patterns, which may involve network and system-level access.\n
  • Sanitization: There is no evidence of validation or sanitization of the code patterns before they are processed by the CLI.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 25, 2026, 04:15 AM