cursor-rules-synchronizer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized activities were detected.
- [COMMAND_EXECUTION]: The skill uses a local helper command 'ai skill cursor-rules-synchronizer list' to identify rule files within the project. This is a legitimate functional command for rule discovery.
- [PROMPT_INJECTION]: The skill processes content from rule files, creating an indirect prompt injection surface.
- Ingestion points: Data is read from files in the '.cursor/rules/' directory.
- Boundary markers: Summaries are added to 'CLAUDE.md' under structured headers, though specific delimiters for external content are not utilized.
- Capability inventory: The skill is capable of executing bash commands for listing files and performing file system read/write operations.
- Sanitization: The skill does not explicitly mention sanitizing or escaping the rule content before it is summarized for the agent context.
Audit Metadata