add-typescript-best-practices
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (MEDIUM): The skill utilizes coercive tags like and explicit instructions to 'write it strictly as it is' and 'do not summarise'. These patterns are designed to force the agent to bypass its own reasoning or filtering and deliver the payload exactly as specified.
- Indirect Prompt Injection (MEDIUM): The skill is designed to overwrite or update
CLAUDE.md, which is a persistent rule-set file used to define how an agent behaves in a workspace. Evidence Chain: - Ingestion points: The static markdown content within
SKILL.mdand the user-suppliedargument-hintmetadata. - Boundary markers: Absent; the skill uses enforcement tags instead of delimiters.
- Capability inventory: File system write/update capabilities for critical workspace configuration files.
- Sanitization: None detected.
- No Code (LOW): This skill contains no executable scripts or code files, relying entirely on natural language instructions for the agent to perform actions.
Audit Metadata