claude-config-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is strictly advisory and operates on local project metadata files. It does not attempt to access credentials, initiate network requests, or execute commands.- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes user-controlled project files. 1. Ingestion points: Project configuration files like CLAUDE.md and .claude/ directory (referenced in SKILL.md). 2. Boundary markers: None specified. 3. Capability inventory: No high-risk capabilities such as network access, command execution, or file writing are present in any skill files. 4. Sanitization: None identified. Due to the absence of dangerous capabilities, the risk is negligible.
Audit Metadata