claude-folder-audit

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill performs legitimate maintenance and auditing functions on the agent's configuration environment. No malicious behaviors such as data exfiltration, remote code execution, or persistence mechanisms were detected.
  • [PROMPT_INJECTION]: The skill processes the contents of local configuration files (e.g., CLAUDE.md, SKILL.md) to verify their structure and metadata. This presents an indirect prompt injection surface as the agent is instructed to parse and evaluate the content of these files.
    • Ingestion points: CLAUDE.md, SKILL.md, and project memory files in ai-context/.
    • Boundary markers: None identified in the processing logic.
    • Capability inventory: The agent has read access to the local filesystem and write access for the purpose of creating the audit report.
    • Sanitization: No explicit content sanitization or validation against untrusted instruction injection is performed during the reading process.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 09:45 AM