creation-guard
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs standard shell utilities including
head,grep,echo,dirname, andbasenameto read and display headers of files located in~/.claude/skills/,~/.claude/agents/, and~/.claude/commands/. These operations are used purely for local analysis and discovery of existing artifacts. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it reads and processes instructions from existing local files that could contain malicious payloads.
- Ingestion points: Content is ingested from local artifact files via
SKILL.md(Step 2: Search Existing Artifacts). - Boundary markers: Absent; the skill does not use specific delimiters or warnings to ignore embedded instructions within the analyzed files.
- Capability inventory: The skill uses shell execution capabilities to read files and perform keyword searches.
- Sanitization: There is no evidence of sanitization or filtering applied to the content retrieved from existing artifacts before it is processed by the agent.
Audit Metadata