Skills
skills/gupsammy/claudest/update-claudemd/Gen Agent Trust Hub

update-claudemd

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes existing project documentation to generate updates.
  • Ingestion points: The agent reads the project's CLAUDE.md and all files within the .claude/claudemd-topics/ directory during the research phase (Phase 2).
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore' instructions for the content read from the repository.
  • Capability inventory: The skill is authorized to use Write and Edit tools for file modification, as well as Bash for git history, directory creation, and file copying.
  • Sanitization: The skill includes a mandatory human-in-the-loop validation step (Phase 5) where it uses the AskUserQuestion tool to present all proposed changes for user approval before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 05:31 PM