evolving-config

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by processing untrusted data from external sources (Perplexity queries) to generate configuration recommendations.
  • Ingestion points: External data enters the context via mcp__perplexity-ask__perplexity_ask in Phase 3 of the SKILL.md file.
  • Boundary markers: There are no explicit delimiters or instructions to treat the external tool output as untrusted content.
  • Capability inventory: The skill has extensive project access, including Read, Write, and Edit permissions for configuration files, as well as TaskCreate and TaskUpdate for workflow management.
  • Sanitization: There is no evidence of sanitization or escaping of the external content before it is processed for gap analysis.
  • Mitigation: The risk is mitigated by a mandatory human-in-the-loop step using AskUserQuestion before changes are applied, and a provided --dry-run argument that suppresses file modifications.
  • [EXTERNAL_DOWNLOADS]: Fetches the latest Claude Code features and changes from the changelog in Anthropic's official GitHub repository.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 08:41 PM