cc-plugin-researcher

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to perform repository searches and standard git commands (add, commit, push) to manage documentation updates within the local filesystem at /root/.openclaw/workspace/cc_plugin.
  • [DATA_EXFILTRATION]: The skill is designed to automatically push generated research reports to an external GitHub repository (github.com/kongshan001/cc_plugin) without requiring user intervention for each push operation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from GitHub search results to generate its reports.
    • Ingestion points: Data returned from gh search repo (repository names, descriptions, and metadata) are processed to create the research report.
    • Boundary markers: No specific delimiters or instructions are used to separate the ingested search data from the agent's instructions during report generation.
    • Capability inventory: The skill has the capability to write to the local filesystem and push content to a remote Git repository.
    • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from GitHub before it is included in the generated Markdown files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 01:16 AM