Skills
skills/melodic-software/claude-code-plugins/audit-lsp/Gen Agent Trust Hub

audit-lsp

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests data from external configuration files which could contain malicious instructions designed to manipulate the subagents used for auditing.
  • Ingestion points: The skill reads .lsp.json files and plugin.json manifests from the project directory.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when passing file content to the subagents.
  • Capability inventory: The skill utilizes Bash, Read, Glob, Grep, and Task tools.
  • Sanitization: No evidence of sanitization or validation of the input file content is present before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform its auditing tasks. This capability represents a potential risk if an attacker successfully uses indirect prompt injection to execute arbitrary shell commands via the auditor subagents.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 09:18 AM
Security Audit — agent-trust-hub — audit-lsp