agent-config
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides instructions for crafting highly influential agent directives using strong emphasis (e.g., "IMPORTANT", "YOU MUST") and explicit behavioral overrides, such as "Skip confirmations" and "Never re-read files". While these are standard for token efficiency and agent configuration, they represent a mechanism for modifying core agent behavior.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection:
  - Ingestion points: The skill reads project files including README.md, package.json, and CONTRIBUTING.md to analyze project context and draft configuration files (SKILL.md Step 2).
  - Boundary markers: There are no explicit boundary markers or sanitization steps mentioned to separate untrusted project content from the generated instructions.
  - Capability inventory: The skill has the capability to write to CLAUDE.md and AGENTS.md. These files are automatically loaded by the agent at the start of future sessions, allowing any injected instructions to persist and influence future agent actions.
  - Sanitization: No evidence of input validation or content filtering for processed project files was detected.
Audit Metadata