1k-coding-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected.
- Ingestion points: The skill reads external code using Read, Grep, and Glob tools.
- Boundary markers: No delimiters or instructions are provided to the agent to ignore instructions embedded within the files it processes.
- Capability inventory: The skill has Write and Edit tools, which allow it to modify files on the system.
- Sanitization: No sanitization or validation of input data is present.
- [EXTERNAL_DOWNLOADS]: The skill is installed from an untrusted third-party repository (majiayu000/claude-skill-registry). The install command downloads the main skill file, but metadata suggests the presence of scripts not included in the provided analysis files.
Audit Metadata