ask-claude
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill is designed to wrap the
claudeCLI via bash, which is its stated and legitimate purpose. - [INDIRECT_PROMPT_INJECTION] (LOW): As a natural language interface, it has an inherent surface for indirect prompt injection. 1. Ingestion points: The prompt passed to the CLI tool in
claude -p. 2. Boundary markers: No explicit delimiters are shown in the examples. 3. Capability inventory: The tool has permission to execute theclaudebinary via bash. 4. Sanitization: No specific sanitization is performed within the skill documentation, relying on the underlying platform's tool-calling safety and the CLI's internal logic. - [SAFE] (SAFE): No malicious obfuscation, credential exfiltration, or persistence mechanisms were detected.
Audit Metadata