create-slash-commands
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious code or patterns were detected in the provided reference files. The content is educational and describes standard configuration features for AI-assisted development tools.
- [COMMAND_EXECUTION] (SAFE): The documentation explains how to execute bash commands within a command context. It includes a dedicated reference for securing this feature using the
allowed-toolswhitelist to prevent unauthorized or destructive commands. - [INDIRECT_PROMPT_INJECTION] (SAFE): While the documentation describes a surface where user-provided arguments are interpolated into prompts, it emphasizes the use of tool restrictions as a primary defense. • Ingestion points: Command arguments ($ARGUMENTS, $1, etc.) in command definitions. • Boundary markers: Recommended help text and argument hints. • Capability inventory: Bash, Read, Write, Edit, and reasoning tools. • Sanitization: Strong guidance on using the
allowed-toolsfrontmatter to whitelist specific bash command patterns.
Audit Metadata