onboarding

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads project-specific documentation files and is explicitly instructed to follow the rules and instructions found within them. Maliciously crafted instructions in these files could attempt to influence the agent's behavior.
      • Ingestion points: Reading AGENTS.md, CLAUDE.md, GEMINI.md, and COPILOT.md in the project root.
      • Boundary markers: Absent; instructions are incorporated directly into the session context.
      • Capability inventory: Executes shell commands (git status, git log, bd).
      • Sanitization: Absent; the skill directs the agent to follow found instructions without validation.
  • [COMMAND_EXECUTION]: The skill executes several shell commands to gather project state and issue tracker information.
      • Evidence: Execution of git status, git log --oneline --date=short --format="%h %ad %s" -15, bd ready, and bd list --status=in_progress in the Gather State workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 05:18 AM