validate-plugin

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface via local file ingestion. The skill performs validation by reading the contents of plugin.json and several markdown files (SKILL.md, agent files, command files) from a user-specified path. Maliciously crafted instructions inside these files could influence the agent during the validation process.
  • Ingestion points: Reads the content of multiple files within the [plugin-path] directory, including configuration and documentation files.
  • Boundary markers: The instructions do not define specific delimiters or "ignore previous instructions" guards when reading the content of the files to be validated.
  • Capability inventory: The skill uses Bash, Read, Glob, and Grep to interact with the filesystem and inspect file contents.
  • Sanitization: There is no evidence of sanitization or escaping of the content read from files before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:23 PM
Security Audit — agent-trust-hub — validate-plugin