claude-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The documentation shows the use of a Bash tool across multiple scenarios, such as Examples 1, 2, 3, 4, and 6, allowing the agent to execute shell commands which could be abused if the agent is misled.
- [REMOTE_CODE_EXECUTION] (LOW): The agent generates and executes commands at runtime via Bash and Edit tools for tasks like bug fixing and feature implementation, representing dynamic execution capabilities.
- [PROMPT_INJECTION] (LOW): Examples show the agent processing untrusted data like PR diffs and PDF contracts, creating a surface for indirect prompt injection. Ingestion points: 'gh pr diff' (Example 7), 'contract.pdf' (Example 8). Boundary markers: None explicitly shown in examples. Capability inventory: Bash, Read, Write, Edit, Grep, mcp__datadog. Sanitization: None evident in the provided usage patterns.
Audit Metadata