cc-skill-project-guidelines-example
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill provides a Python code pattern for AI integration that is vulnerable to indirect prompt injection. * Ingestion points: 'analyze_with_claude' function in SKILL.md. * Boundary markers: Absent. * Capability inventory: Anthropic API message creation with tool use. * Sanitization: Absent.
- Credentials (SAFE): The environment variables section uses standard placeholders (e.g., 'sk-ant-...' and 'eyJ...') rather than actual sensitive keys.
Audit Metadata