skill-master
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection through codebase scanning.
- Ingestion points: Scans all repository source files and build configurations (e.g., package.json, build.gradle) to identify architectural patterns.
- Boundary markers: No boundary markers or 'ignore' instructions are used when interpolating extracted code or comments into the generated SKILL.md files.
- Capability inventory: Includes file-writing capabilities restricted to the .claude/skills/ directory.
- Sanitization: While it includes rules to filter for secrets and PII, it lacks protection against malicious natural language instructions hidden in source code comments or metadata that could influence the agent when the generated skill is later loaded.
Audit Metadata