claude-docs-consultant

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW · EXTERNAL_DOWNLOADS
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (LOW): The skill instructs the agent to fetch remote Markdown files from 'https://code.claude.com'. While this involves external data retrieval, the domain is the official product documentation site for Anthropic's Claude Code. Per [TRUST-SCOPE-RULE], because the source is verified and first-party, the severity is downgraded to LOW.
  • Indirect Prompt Injection (LOW): The skill ingests external content used to guide the creation of hooks and skills, representing a Category 8 attack surface.
      1. Ingestion point: Markdown files from code.claude.com.
      2. Boundary markers: Absent.
      3. Capability inventory: The agent uses fetched data to generate code for hooks and skills.
      4. Sanitization: Absent.
    The risk is considered LOW because the content is fetched from a trusted first-party source rather than untrusted third-party data.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 17, 2026, 12:30 AM