user-config-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The documentation provides shell and PowerShell snippets for manual configuration management using utilities like cp, cat, and jq. These are restricted to local file operations.
- [EXTERNAL_DOWNLOADS] (LOW): Examples within the documentation reference executing MCP servers via npx (e.g., @anthropics/context7-mcp), which involve remote package downloads. These references are within the trusted anthropics scope.
- [DATA_EXFILTRATION] (SAFE): The skill focuses on local archival and expressly identifies .credentials.json as a security risk, excluding it from all backup and reset workflows.
- [PROMPT_INJECTION] (LOW): The backup of CLAUDE.md and history.jsonl introduces a surface for indirect prompt injection, as these files contain user-controlled data. Evidence Chain:
  1. Ingestion: ~/CLAUDE.md, ~/.claude/history.jsonl.
  2. Boundaries: None.
  3. Capabilities: Local filesystem access via shell commands.
  4. Sanitization: None.