doc-claim-validator

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION

Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing project documentation and source code through AI agents.
      • Ingestion points: Markdown files and codebase source files are read by the script and provided to subagents (Dependency, Behavioral, and Code Example verifiers) in Phase 2b.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agents to prevent them from following commands embedded within the documentation or code files.
      • Capability inventory: The skill uses Bash, Grep, Glob, and Read tools.
      • Sanitization: Input for internal shell commands (like grep) is escaped using re.escape().
  • [EXTERNAL_DOWNLOADS]: The verify_claims.py script performs network reachability checks on URLs found in documentation.
      • Evidence: The verify_url function uses urllib.request.urlopen with the HEAD method to check if external links in the documentation are active.
  • [COMMAND_EXECUTION]: The skill uses subprocesses to execute system commands for project analysis.
      • Evidence: scripts/verify_claims.py and scripts/extract_claims.py call git and grep via subprocess.run to determine project roots and search for code symbols.

Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 05:58 AM