ai-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes a local maintenance script
ensure-patterns-repoand directory listing commands (ls). These are used to manage the lifecycle of the patterns repository and allow the user/agent to browse available content. - [EXTERNAL_DOWNLOADS] (LOW): The skill is designed to sync with an external repository hosted by a third-party user (
lexleron GitHub). Because this source is not on the pre-approved trusted list, the dependency is flagged as an external download of unverified content. - [PROMPT_INJECTION] (LOW): (Category 8: Indirect Prompt Injection) The skill's primary function is to load external markdown documents into the agent's context. This creates a surface where instructions embedded in those documents could influence the agent's behavior.
- Ingestion points: Files located in
~/.cache/claude-skills/augmented-coding-patterns/documents. - Boundary markers: None identified; the skill does not explicitly wrap loaded content in delimiters or provide warnings to ignore embedded instructions.
- Capability inventory: Shell command execution (
ls,ensure-patterns-repo). - Sanitization: None; the skill assumes the integrity of the downloaded markdown files.
Audit Metadata