claude-code-knowledge
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation files (references). No executable scripts, configuration files, or active code components are present in the analyzed set.
- [COMMAND_EXECUTION] (SAFE): The documentation describes the platform's ability to execute shell commands via hooks and dynamic context injection (!command). These features are presented with corresponding security documentation regarding the system's sandbox and permission-based restrictions.
- [EXTERNAL_DOWNLOADS] (SAFE): The plugin system documentation outlines how extensions can be loaded from GitHub, NPM, or arbitrary Git URLs. It provides instructions for managing these sources through allow/deny lists and managed enterprise settings to ensure secure deployment.
- [SAFE] (SAFE): The documentation explicitly labels high-risk features like 'bypassPermissions' as dangerous and provides guidance on using safer alternatives like 'dontAsk' within a sandbox or 'acceptEdits' for trusted operations.
Audit Metadata