upgrade
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill executes git fetch to synchronize local system files with an external upstream repository.
- [COMMAND_EXECUTION]: The skill utilizes bash to execute administrative commands for creating timestamped backups (mkdir, cp) and assigning executable permissions to internal hook scripts (chmod +x).
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8).
  1. Ingestion points: Update content is ingested from an external Git repository and integrated into vault files like CLAUDE.md and .claude/rules/.
  2. Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the downloaded content.
  3. Capability inventory: The skill has Write, Edit, and Bash tools available across its operations.
  4. Sanitization: No sanitization or validation of the remote content is performed before merging it into the vault or making scripts executable.
Audit Metadata