init-config
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests wildcard bash permissions ([Bash(*)]) and executes a local script located at [${CLAUDE_PLUGIN_ROOT}/scripts/render-claude-config.sh] with multiple command-line arguments derived from user input.
- [DATA_EXFILTRATION]: The skill accesses sensitive developer identity information by running [git config user.name] and [git config user.email].
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by writing user-provided strings into a configuration file ([CLAUDE.md]) that influences future agent behavior without explicit sanitization.
Audit Metadata