Skills
skills/anyoneanderson/agent-skills/spec-rules-init/Gen Agent Trust Hub

spec-rules-init

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses basic shell commands such as ls, pwd, and find to analyze project structure and locate configuration files like package.json or CLAUDE.md.- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it ingests data from external files to generate instructions that govern future agent behavior.
  • Ingestion points: Reads content from project-level convention files (CLAUDE.md, AGENTS.md) and global skill metadata files (~/.claude/skills/*/SKILL.md).
  • Boundary markers: No delimiters or instructions to ignore embedded commands are applied to the extracted text during processing.
  • Capability inventory: The skill can discover files, read their content, create directories, and write or append to rule files within the workspace.
  • Sanitization: Extracted content is interpolated directly into templates without documented sanitization or validation steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 05:51 PM