sync-manifest-dev
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads plugin components from the vendor's official GitHub repository at 'github.com/doodledood/manifest-dev.git'.
- [COMMAND_EXECUTION]: It instructs the agent to manage the '.claude/' directory using shell operations, including cloning the source repository to '/tmp/' and performing selective file copying and deletion.
- [REMOTE_CODE_EXECUTION]: The process involves syncing executable components (agents, hooks, and skills) into directories where they may be loaded and executed by the agent environment.
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by integrating remote content into the agent's active configuration. 1. Ingestion points: Synced components from the remote GitHub repository. 2. Boundary markers: None identified; files are copied directly into the execution path. 3. Capability inventory: The skill manages file synchronization via 'git', 'cp', and 'rm'. 4. Sanitization: None; the process assumes the integrity of the author's source repository.
Audit Metadata