Skills
skills/dutstech/ceoralph/clnode-agents/Gen Agent Trust Hub

clnode-agents

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting metadata from local agent files and interpolating that data into project documentation.
  • Ingestion points: Reads YAML frontmatter from .claude/agents/*.md and content from .claude/rules/team.md as described in Phase 1 and Phase 4 of SKILL.md.
  • Boundary markers: Absent. No explicit delimiters or instructions are used to prevent the agent from obeying instructions embedded in the scanned files.
  • Capability inventory: The skill uses Read, Write, and Edit tools to modify files within the project's .claude/ configuration directory.
  • Sanitization: Absent. File content and metadata are used directly in templates without validation or escaping.
  • [SAFE]: The skill references official documentation for Claude Code agents on Anthropic's established domain.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 10:36 AM