building-plugins

Expertly creates and manages Claude Code plugins, enabling cohesive bundles of agents, skills, commands, and hooks for enhanced functionality.

Install this skill

35/100

Security score

The building-plugins skill was audited on Mar 1, 2026 and we found 7 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 722

Eval function call - arbitrary code execution

SourceSKILL.md

722	- Avoid `eval()` and dynamic code execution

medium line 166

Template literal with variable interpolation in command context

SourceSKILL.md

166

```json

high line 716

Template literal with variable interpolation in command context

SourceSKILL.md

716	- Use environment variables: `${API_KEY}`

medium line 857

Template literal with variable interpolation in command context

SourceSKILL.md

857

```bash

medium line 905

Template literal with variable interpolation in command context

SourceSKILL.md

905

```bash

medium line 384

Access to hidden dotfiles in home directory

SourceSKILL.md

384	ln -s /path/to/plugin-name ~/.claude/plugins/plugin-name

medium line 717

Access to .env file

SourceSKILL.md

717	- Add `.env` to `.gitignore`

Scanned on Mar 1, 2026

View Security Dashboard

Installation guide →

GitHub Stars 278

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api ml-ai-engineer backend-developer product-manager development product

aiskillstore/marketplace