statusline-wizard
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a directive using the 'CRITICAL' keyword to instruct the agent to ignore any user-provided arguments, which serves as a functional guardrail for the interactive setup wizard rather than a malicious bypass.
- [COMMAND_EXECUTION]: The workflow involves executing standard system commands to detect the operating system environment (
uname) and configuring execution permissions (chmod +x) for the generated status line scripts. - [SAFE]: The skill manages persistence by updating the application's own configuration file (
~/.claude/settings.json) and generating local scripts in the user's home directory, which are the documented methods for customizing the platform's status line. No unauthorized data access or external network communications were identified.
Audit Metadata