fork-discipline

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to audit and modify the local codebase.
      • Evidence: Commands include grep, find, git mv, and mkdir used to search for client-specific identifiers and move files into a structured clients/ directory.
      • Dynamic Scripting: The skill generates a shell script at .jez/scripts/fork-refactor.sh based on audit results to automate refactoring, which involves writing and potentially executing locally generated code.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its handling of untrusted codebase data.
      • Ingestion points: Project source files (e.g., src/*.ts) and configuration files are scanned and read via grep and Read tools.
      • Boundary markers: None. The instructions do not define delimiters or provide warnings to the agent to ignore instructions contained within the analyzed source code.
      • Capability inventory: The skill is authorized to use Bash for command execution, Write for file creation, and Edit for code modifications.
      • Sanitization: None. Data retrieved from the codebase is directly used to populate the fork-discipline-audit.md report and the generated fork-refactor.sh shell script.
  • [SAFE]: The tool is a legitimate developer utility aimed at improving code architecture. All operations are local to the workspace, and no external network activity or unauthorized data access was detected.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 04:12 PM