Skills
skills/laurigates/claude-plugins/configure-cache-busting/Gen Agent Trust Hub

configure-cache-busting

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the !command syntax to execute project-specific shell commands like find and pwd at load time to gather context.
  • [COMMAND_EXECUTION]: The skill generates a local JavaScript verification script (scripts/verify-cache-busting.js) from a template and configures CI/CD workflows and package scripts for execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from project configuration files which influences the logic for generating new configurations.
  • Ingestion points: Reads package.json, next.config.*, vite.config.*, and CDN configuration files.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the prompt logic.
  • Capability inventory: The skill utilizes file system modification tools (Write, Edit) and command execution tools (Bash).
  • Sanitization: There is no evidence of validation or sanitization of the content read from project files before it is interpolated into templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:18 AM
Security Audit — agent-trust-hub — configure-cache-busting