customize

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from existing project files and user interactions to customize rule templates, which constitutes a surface for indirect prompt injection.
    • Ingestion points: Content is read from project files such as package.json and CLAUDE.md, and gathered via the AskUserQuestion tool (SKILL.md).
    • Boundary markers: The skill does not provide instructions for the agent to use specific delimiters or protective instructions when interpolating gathered data into the target files.
    • Capability inventory: The agent has permission to use Write and Edit tools to modify filesystem content and a restricted Bash tool for search operations.
    • Sanitization: There is no defined process for validating or escaping the information collected before it is committed to the project rules.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 04:56 AM