stop-slop
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- PROMPT_INJECTION (LOW): The skill presents an indirect prompt injection surface as it is designed to ingest and process untrusted user text while being granted access to high-privilege tools. Evidence:
- Ingestion points: Processes user-provided prose.
- Boundary markers: Absent.
- Capability inventory: Bash, Edit, Write, Read, Glob.
- Sanitization: Absent.
- DATA_EXFILTRATION (LOW): The skill documentation references ~/.claude/settings.json. While no explicit command is provided to read or exfiltrate this file, referencing internal configuration paths is a minor security concern that could be exploited by an agent to access sensitive environment settings.
Audit Metadata