project-update
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill performs file system operations including reading project metadata (e.g., package.json), updating documentation in the ai-context/ directory, and modifying the CLAUDE.md configuration file.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted project data and uses it to update the agent's instruction files.
  - Ingestion points: Reads project files including package.json, CLAUDE.md, onboarding.md, scenarios.md, and quick-reference.md.
  - Boundary markers: Absent; no specific delimiters or instruction-ignore warnings are used when processing external file content.
  - Capability inventory: File read, write, and archive (move to legacy/) operations within the project workspace.
  - Sanitization: Absent; the skill relies on manual user confirmation of diffs rather than automated sanitization of processed content.