dig
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions to bypass safety filters or override system prompts were detected. The instructional language used for 'Phases' and 'Rules' is within the expected functional scope of the skill.
- Data Exposure & Exfiltration (SAFE): While the skill reads project files (e.g., CLAUDE.md and plan files), it lacks network access tools (e.g., curl, wget) and does not contain patterns associated with external data transmission.
- Remote Code Execution (SAFE): The skill does not include tools for shell execution, package installation, or downloading external scripts at runtime.
- Indirect Prompt Injection (SAFE): The skill ingests data from external project files which could theoretically contain instructions. However, the risk is negligible given the restricted toolset available to the skill.
  - Ingestion points: plan files, CLAUDE.md
  - Boundary markers: Absent
  - Capability inventory: Write, Edit, Read, Grep, Glob, TodoRead, TodoWrite, AskUserQuestion
  - Sanitization: Absent
Audit Metadata