init
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface.
- Ingestion points: The agent is instructed to read and parse local project files such as package.json, go.mod, and pyproject.toml during the auto-detection and extraction phases (Phase 1, 3, and 6).
- Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore embedded commands within these external files.
- Capability inventory: The skill has capabilities to create and modify repository files (Phase 7 and 8) and record information to an MCP memory tool (Phase 10).
- Sanitization: There is no documented sanitization or filtering of content extracted from parsed files before it is used in the generation of CLAUDE.md or other configuration artifacts.
Audit Metadata