start

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run "which" commands to identify security tools such as semgrep, bandit, and gitleaks installed in the local PATH.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by reading and processing untrusted data from project files.
  • Ingestion points: The agent reads various manifest files (e.g., package.json, go.mod) and source code files (e.g., Dockerfile, serverless.yml).
  • Boundary markers: The instructions do not define specific delimiters or guidelines for the agent to ignore potentially malicious instructions embedded within the codebase being scanned.
  • Capability inventory: The skill employs Glob, Grep, Read, and Bash (used for "which" commands). It also writes assessment results to the local file system (.appsec/start-assessment.json).
  • Sanitization: There is no evidence of content sanitization or validation for the data ingested from the project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 06:45 PM