creating-commands
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation provides detailed instructions on executing shell commands via the '!' prefix. It proactively addresses security concerns by recommending the principle of least privilege for 'allowed-tools' and demonstrating how to prevent command injection using heredocs when handling user-provided arguments.
- [PROMPT_INJECTION]: The documentation includes sections on 'Extended Thinking', which uses specific keywords to influence model reasoning depth. This is a documented feature of the Claude 3.7 model rather than an adversarial attempt to subvert safety guidelines.
- [EXTERNAL_DOWNLOADS]: The skill references the Claude Code plugin system for installing commands from URLs. These references are informational and focus on the standard workflow for managing extensions within the environment.
- [SAFE]: Overall, the content is instructional and emphasizes secure development practices for AI agent extensions.