skill-preflight
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for project maintenance and organization. Its operations are restricted to searching local files within the project repository to identify functional overlap between skills and agents.
- [PROMPT_INJECTION]: The skill ingests data from external files such as
SKILL.mdand.claude/agents/*.md. This presents a potential surface for indirect prompt injection if those files contain malicious instructions. However, because the skill is intended to read these files for auditing purposes and the scope is limited to the local development environment, the risk is minimal. - [DATA_EXFILTRATION]: No network operations or data exfiltration patterns were detected. The skill does not use tools like
curlorwgetand does not attempt to send data to external domains.
Audit Metadata