audit-agents-skills

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes untrusted data from local agent, skill, and command files, which introduces a surface for indirect prompt injection where malicious instructions in the audited files could influence the agent's behavior during report generation or fix suggestion.
    • Ingestion points: The skill reads contents from .claude/agents/, .claude/skills/, and .claude/commands/ as part of its discovery phase.
    • Boundary markers: There are no explicit delimiters or instructions to the agent to disregard natural language instructions found within the files being audited.
    • Capability inventory: The skill utilizes Read, Grep, Glob, Bash, and Write to perform its audit and save results.
    • Sanitization: The skill employs yaml.safe_load for structural parsing of file frontmatter, which is a safe practice, but it does not explicitly sanitize the natural language content of the files before interpolating it into the final audit report or generating recommendations.
  • [COMMAND_EXECUTION]: The skill uses Bash, Grep, and Glob for file system operations. These tools are used for discovery and static analysis of text files rather than for executing arbitrary external code or scripts found within the audited files.
  • [SAFE]: The skill includes security-positive features, such as automated checks for hardcoded secrets, credentials, and absolute file paths in the project code, effectively acting as a defensive security tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 01:08 AM