auto-claude-optimization
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Command Execution (SAFE): The skill includes instructions for running local Python scripts (e.g., run.py, spec_runner.py) and basic system commands for performance tuning and maintenance.
- Data Exposure (SAFE): Guidance is provided for managing configuration via environment variables in a .env file, which is standard practice for local agent configuration. No exfiltration patterns are present.
- Prompt Injection (SAFE): Examples of system prompts are provided for persona optimization; these follow standard instructional patterns and do not attempt to bypass safety filters.
- Dynamic Execution (SAFE): Maintenance commands using Python's -c flag are provided for database compaction and profiling, which are restricted to local library functionality.
- Indirect Prompt Injection (SAFE): The skill documents CLI entry points that ingest task descriptions, which is a standard operational surface for agentic tools and does not represent an inherent security flaw in this context.
Audit Metadata