ln-647-env-config-auditor

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch supporting configuration and reference files from the author's official GitHub repository (levnikolaevich/claude-code-skills) using WebFetch if local files are missing. This is a standard mechanism used by the vendor to maintain skill dependencies.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (project source code, .env files, and Docker configurations) which presents an indirect prompt injection surface.
    • Ingestion points: Project files are ingested via the Read, Grep, and Glob tools during multiple analysis phases.
    • Boundary markers: The instructions do not define specific delimiters or "ignore instructions" markers for the data being read from the project codebase.
    • Capability inventory: The skill has access to the Bash tool and performs Write operations to save the audit reports to the filesystem.
    • Sanitization: No explicit sanitization or validation is performed on the content extracted from scanned files before it is processed by the agent or included in the output report.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:01 PM