skill-symlinker
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands, specifically `ln -sfn` and `ls -la`, to manage symbolic links within the local filesystem.
- [COMMAND_EXECUTION]: The skill modifies the contents of `~/.claude/skills/`, which is a sensitive directory containing the definitions of the agent's capabilities and behaviors. Arbitrary modification of this directory can alter the agent's operational logic.
- [PROMPT_INJECTION]: The skill uses user-supplied skill names to construct filesystem paths for command execution. If the input is not strictly validated, it could potentially be exploited for path traversal attacks (e.g., using `../../` in a skill name) to link or overwrite unintended directories.