install-scripts
Warn
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell tools such as 'cp' and 'chmod' to deploy scripts into the '.claude/scripts/' directory. This establishes a persistence mechanism where executable code is placed in a hidden project folder and made runnable across sessions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through user-provided arguments like '--skill ', which are used for file path construction without defined sanitization.
- Ingestion points: User-supplied arguments such as --skill and script names in the installation workflow.
- Boundary markers: No instructions or delimiters are present to protect the prompt from injection in the argument values.
- Capability inventory: Full file system access through the Read and Write tools, alongside shell command execution (Bash).
- Sanitization: There are no explicit validation or sanitization steps to ensure the provided names do not result in directory traversal or execution of unintended files.
Audit Metadata