user-story

Warn

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: MEDIUM
Category: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file provides a shell command template for using the user-story-template.py script. This template uses fields like persona, action, and outcome which are derived from user input. If the agent executes this command without strictly escaping the user's input, it could allow for command injection attacks where an attacker runs arbitrary code on the host system.
  • [COMMAND_EXECUTION]: The Python script scripts/user-story-template.py implements an --output argument that writes content to a file using Path.write_text(). This allows the script to write to any file path the user provides. In an agent environment, this capability could be exploited to overwrite sensitive configuration files or system scripts if the agent is manipulated into using a malicious path.
  • [COMMAND_EXECUTION]: The skill processes untrusted external data (requirements, PRDs, and bug reports) as identified in the workflow. While primarily used for documentation, the lack of input sanitization in the script combined with its ability to write to the file system creates an attack surface for indirect manipulation of the environment.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 12, 2026, 07:37 AM