java-classpath-search

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's instructions for searching the index (Step 3) and checking build output (Step 4) involve constructing shell commands like grep and find using the $ARGUMENTS variable. If the AI agent interpolates raw user input into these shell commands without escaping special characters, it could lead to the execution of unintended commands on the local system.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the following surface:
    • Ingestion points: User-provided class names or patterns supplied via $ARGUMENTS (SKILL.md).
    • Boundary markers: Absent; the instructions show direct interpolation of search patterns into shell commands without delimiters or warnings to ignore embedded control characters.
    • Capability inventory: The skill uses bash, grep, find, and a custom shell script (build-class-index.sh) which uses xargs and sh -c to execute commands.
    • Sanitization: Absent; the skill lacks explicit instructions or logic to sanitize, escape, or validate the user input before it is used to build shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 10:28 AM