skill-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes content from external SKILL.md files located in project and global directories. This creates a surface where a malicious skill file could attempt to influence the agent's behavior during the audit process.
- Ingestion points: Local file paths: ~/.claude/skills//SKILL.md, .claude/skills//SKILL.md, and plugins//skills//SKILL.md (via the Read tool).
- Boundary markers: None specified; the workflow does not define delimiters to isolate external content from instructions.
- Capability inventory: Employs Bash, Read, Glob, and Grep for file system discovery and inspection.
- Sanitization: No explicit sanitization or validation of the ingested file content is performed before analysis.
Audit Metadata