setup-claude-md
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary function involves identifying and executing build, lint, and test commands found in project files such as package.json or pyproject.toml. This is the skill's intended behavior, but it means scripts defined in the local environment are executed automatically.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via manipulated project documentation or configuration files.
  - Ingestion points: Reads package.json, pyproject.toml, Cargo.toml, docs/project-plan-refined.md, and other project files to determine architecture and commands.
  - Boundary markers: No specific delimiters or instructions are used to isolate untrusted content from the project files.
  - Capability inventory: The skill utilizes Bash and Read tools to process file content and execute commands derived from that content.
  - Sanitization: There is no validation or sanitization of the commands extracted from project files prior to execution.
Audit Metadata