get-available-resources
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill generates strategic recommendations in a JSON file that the agent is prompted to follow, creating a multi-step influence chain (Category 8b). \n
- Ingestion points: .claude_resources.json file generated at runtime. \n
- Boundary markers: Absent; instructions direct the agent to 'Read and Apply Recommendations'. \n
- Capability inventory: Local subprocess execution (python, system tools) and file system write access. \n
- Sanitization: Absent; output is generated directly from system utility results. \n- External Downloads (LOW): The skill requires the
psutillibrary. While standard, it is an external package dependency not included in the 'Trusted Sources' list. \n- Command Execution (LOW): Uses subprocesses to run a local discovery script and system-level hardware utilities (e.g., nvidia-smi, rocm-smi).
Audit Metadata