skill-first
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill provides a bash command to list installed skills.
- Evidence: `find ~/.claude -path "*/skills/*/SKILL.md" 2>/dev/null | xargs -I{} grep "^name:" {}`
- Context: This command is used purely for discovery within the agent's specific directory. It only extracts the 'name' field and does not execute the files or pipe content to an interpreter.
- PROMPT_INJECTION (LOW): The skill uses strong directives to override default task-handling behavior.
- Evidence: 'Follow exactly - Execute the skill's guidance without deviation', 'skill-first is mandatory'.
- Context: This language enforces the intended workflow of the skill (protocol discipline) and does not target safety filters, system prompt extraction, or adversarial jailbreaking.