project-context-loader
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests untrusted codebase content to generate context summaries.
- Ingestion points: The skill reads project source files (src/components/), package.json, and configuration files from the .claude/ directory.
- Boundary markers: No explicit XML-style or unique delimiters are used to wrap ingested code content during its interpolation into the session context file.
- Capability inventory: The skill is authorized to use Bash, Read, Write, Grep, and Glob tools.
- Sanitization: The skill performs pattern matching but does not explicitly sanitize or filter executable instructions or malicious prompts that might be embedded in the analyzed codebase.
- [COMMAND_EXECUTION]: The skill defines manual commands for context generation (scripts/context-compress.sh) and context removal. These commands are local to the project environment and are intended for developer workflow automation.
Audit Metadata