Skills
skills/killvxk/teamskills/team-status/Gen Agent Trust Hub

team-status

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the ls command to scan the ~/.claude/teams/ directory. This is a restricted system call used to identify active team folders within a specific application context.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from local files and task management tools, creating an indirect prompt injection surface.\n
  • Ingestion points: Reads team configuration from ~/.claude/teams/*/config.json and retrieves task status from TaskList and TaskGet tool outputs.\n
  • Boundary markers: Absent; data is directly interpolated into the final status report without delimiters or safety instructions.\n
  • Capability inventory: Limited to directory listing, file reading, and task status retrieval; no network or file-write capabilities are present.\n
  • Sanitization: No validation or escaping is performed on external content such as team descriptions or task titles before display.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 02:04 PM