Skills
skills/abpai/skills/claude/Gen Agent Trust Hub

claude

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the claude CLI with various arguments to perform code analysis, summarize changes, and apply automated edits. Evidence: claude -p commands used throughout SKILL.md for analysis and implementation tasks.
  • [EXTERNAL_DOWNLOADS]: The skill performs an automated version check against a remote repository and suggests downloading updates via npx. Evidence: Silently fetches https://raw.githubusercontent.com/abpai/skills/main/versions.json and suggests running npx skills update claude if a newer version is found.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface typical of code analysis tools.
  • Ingestion points: Local repository files and git diffs analyzed by claude -p in SKILL.md.
  • Boundary markers: Absent; no explicit delimiters or "ignore embedded instructions" warnings are included in the prompt templates.
  • Capability inventory: The claude CLI can perform file modifications (acceptEdits mode) and other automated repository actions.
  • Sanitization: Absent; repository content is passed to the tool without specific sanitization or escaping logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 12:32 PM