sync-protocols

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like grep to locate content across the filesystem and executes a local Python script .claude/scripts/sync-hooks-to-skills.py to perform bulk updates.
  • [PROMPT_INJECTION]: The skill implements synchronization logic that propagates content from a central canonical source (.claude/skills/shared/sync-inline-versions.md) to a large number of other skill and agent files. This creates a surface for indirect prompt injection, because a change to the source file is automatically mirrored across the entire environment.
      • Ingestion points: The file .claude/skills/shared/sync-inline-versions.md serves as the untrusted data source for updates.
      • Boundary markers: The skill uses specific HTML comments (<!-- SYNC:{tag-name} -->) to delimit the content areas, though it relies on string replacement rather than sanitization.
      • Capability inventory: The skill has the capability to execute shell commands, run Python scripts, and write to any skill or agent file within the .claude directory.
      • Sanitization: No sanitization or validation of the synced content is performed; text is extracted from the source and injected directly into target files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 09:25 AM