quick-start
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to read a local file and 'follow the documented process exactly', creating an indirect prompt injection surface.
- Ingestion points: Content is ingested from 'claude_settings/python/quick-reference/quick-start.md'.
- Boundary markers: Absent; no delimiters or instructions are used to isolate the file content or treat it as untrusted data.
- Capability inventory: The skill definition does not explicitly request high-risk capabilities like network access or system-level write permissions, relying instead on the agent's default tools.
- Sanitization: Absent; no validation, escaping, or filtering is performed on the content of the read file before the agent is instructed to follow it.
Audit Metadata