harness-work

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the Bash tool to perform repository operations using git, search files using grep, and delegate complex implementation tasks to a codex CLI tool.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it interprets and acts upon task descriptions and requirements stored in the user-editable Plans.md file.
      • Ingestion points: Task names, Descriptions, and Definitions of Done (DoD) from the Plans.md file (relative path).
      • Boundary markers: Status prefixes such as cc:TODO, cc:WIP, and cc:完了 are used to delimit task states in the file.
      • Capability inventory: The skill has access to Bash, Write, Edit, and Task tools, which can be used to modify the environment, write code, and execute shell commands.
      • Sanitization: No explicit sanitization or escaping of the task content from Plans.md is described before it is processed by the agent or passed to sub-agents (Workers/Reviewers).
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 09:27 PM