sync-manifest-dev

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads plugin components from the vendor's official GitHub repository at 'github.com/doodledood/manifest-dev.git'.
  • [COMMAND_EXECUTION]: It instructs the agent to manage the '.claude/' directory using shell operations, including cloning the source repository to '/tmp/' and performing selective file copying and deletion.
  • [REMOTE_CODE_EXECUTION]: The process involves syncing executable components (agents, hooks, and skills) into directories where they may be loaded and executed by the agent environment.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by integrating remote content into the agent's active configuration. 1. Ingestion points: Synced components from the remote GitHub repository. 2. Boundary markers: None identified; files are copied directly into the execution path. 3. Capability inventory: The skill manages file synchronization via 'git', 'cp', and 'rm'. 4. Sanitization: None; the process assumes the integrity of the author's source repository.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 07:37 AM
Security Audit — agent-trust-hub — sync-manifest-dev