Skills
skills/jamie-bitflight/claude_skills/external-pattern-integrator/Gen Agent Trust Hub

external-pattern-integrator

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses curl or WebFetch in Step 1.2 to download content from arbitrary URLs provided as arguments to the /tmp directory.
  • [PROMPT_INJECTION]: Phase 2 (Contextual Enhancement) involves extracting instructions from external sources and merging them directly into local SKILL.md and agent files. This creates an indirect prompt injection surface where untrusted external content can override the local agent's core behavior.
  • Ingestion points: External URLs or files provided in $ARGUMENTS (SKILL.md Step 1.2).
  • Boundary markers: None; the skill merges content into existing files with only simple source attribution comments.
  • Capability inventory: File read/write, curl network operations, uv run command execution, git commit operations (SKILL.md Phases 1-3).
  • Sanitization: None; the skill reads and integrates the full content of external sources based on pattern similarity.
  • [COMMAND_EXECUTION]: Step 3.1 executes uv run prek run on files modified with untrusted external content. If the external source manages to inject code into a script file or exploits the linter, this could lead to unintended local command execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 08:40 AM