tool-selection

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes user-provided task descriptions to determine tool selection and routing logic.
  • Ingestion points: The [operation] input parameter for the /tools:select command and the requirement parsing step in SKILL.md.
  • Boundary markers: The skill does not define boundary markers (such as XML tags or delimiters) to separate user input from the agent's instructions, nor does it instruct the agent to ignore instructions embedded within the operation string.
  • Capability inventory: The skill references capabilities including execute_sketched_edit for file modifications and Read/Grep for file access in references/select.md.
  • Sanitization: There is no evidence of input validation or sanitization routines for the data processed during the tool selection workflow.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 12:56 AM
Security Audit — agent-trust-hub — tool-selection