nvim-check-config
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and analyzes user-controlled Neovim configuration files. Ingestion points: The skill reads files from the ~/.config/nvim directory and the .claude/neovim-advisor.local.md settings file. Boundary markers: No specific delimiters or instructions are used to prevent the agent from obeying commands embedded within the configuration files. Capability inventory: The skill uses Read, Glob, and Grep tools for analysis, and possesses the Edit tool to modify files. It also can delegate complex analysis to a sub-agent. Sanitization: There is no evidence of sanitization or content validation for the data ingested from the configuration files. This risk is mitigated by the skill's workflow, which requires explicit user consent before any changes are applied.
Audit Metadata