auto-claude-workspace
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass AI safety filters or override the agent's core behavior.
- [Data Exposure & Exfiltration] (SAFE): The skill interacts with local project files and standard configuration (e.g., .env) for environment setup but does not demonstrate any data exfiltration patterns.
- [Command Execution] (SAFE): The documentation mentions standard local commands (git, npm, python) strictly for project management and testing purposes.
- [Indirect Prompt Injection] (SAFE): The skill's architecture for reviewing and merging code is a potential surface for indirect prompt injection if source files contain malicious instructions. However, the provided workflow emphasizes manual review to mitigate this risk.
  - Ingestion points: Project source code during review and merge operations.
  - Boundary markers: None explicitly defined, though the manual review process is encouraged.
  - Capability inventory: Git management, file system access, and local project execution.
  - Sanitization: Relies on the user performing a manual review step.
Audit Metadata