project-migrate
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands including ls, find, grep, cp, du, and sed to validate file paths and perform the migration of project files.
- [EXTERNAL_DOWNLOADS]: The skill documentation recommends that the user install an external dependency, spillwavesolutions/project-memory, which is hosted by a third-party vendor not included in the trusted list.
- [DATA_EXFILTRATION]: The skill reads and copies internal Claude Code application memory from ~/.claude/projects/. While this is the intended functionality of the skill, it involves the automated movement of sensitive application state.
- [PROMPT_INJECTION]: The skill processes user-provided target paths and local directory contents within shell scripts, creating a surface for indirect prompt injection.
  - Ingestion points: The target-path argument and the local project file system structure processed in SKILL.md.
  - Boundary markers: There are no explicit boundary markers or instruction-ignoring guards implemented for the processed file data.
  - Capability inventory: The skill has extensive file system capabilities including directory creation, recursive copying, and metadata access across multiple scripts.
  - Sanitization: Shell variables are double-quoted to mitigate common command injection, but complex filename patterns or symbolic links could still cause unexpected behavior.