reclaude
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists exclusively of markdown instructions for the AI agent. There are no executable scripts, shell commands, or external dependencies provided within the skill package.
- [Data Exposure] (SAFE): The instructions direct the agent to analyze standard project files such as
CLAUDE.mdandpackage.jsonto identify project commands and structure. It does not target sensitive system paths, credentials, or private keys. - [Indirect Prompt Injection] (SAFE):
- Ingestion points: User-provided
CLAUDE.mdfile content. - Boundary markers: None explicitly defined.
- Capability inventory: None. The skill only performs text refactoring and documentation generation.
- Sanitization: Not applicable.
- Analysis: Although the skill processes untrusted project documentation which could contain embedded instructions, the agent's capabilities are restricted to text manipulation, negating the risk of malicious command execution or exfiltration via this vector.
Audit Metadata