optimize-plugin
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external plugin files which presents a surface for indirect prompt injection. \n
- Ingestion points: Reads configuration and instruction files from commands/, agents/, skills/, and hooks/ directories within the target plugin path. \n
- Boundary markers: There are no explicit delimiters or specific instructions to the processing agent to ignore embedded instructions within the plugin files. \n
- Capability inventory: The skill utilizes Bash(bash:*) for script execution and possesses task management permissions (TaskCreate, TaskUpdate). \n
- Sanitization: The workflow includes a mandatory human-in-the-loop checkpoint using the AskUserQuestion tool before any template-based fixes are applied by the optimization agent. \n- [COMMAND_EXECUTION]: The skill executes a local Python validation script located at ${CLAUDE_PLUGIN_ROOT}/scripts/validate-plugin.py using the Bash tool. This is a legitimate and scoped use of command execution intended for analyzing plugin structure and metadata.
Audit Metadata