Skills
skills/notque/claude-code-toolkit/integration-checker/Gen Agent Trust Hub

integration-checker

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted data from repository source files and documentation.
  • Ingestion points: The skill reads CLAUDE.md and various source files (*.go, *.py, *.ts, *.js, etc.) to map exports and imports.
  • Boundary markers: There are no instructions provided to use delimiters or ignore potentially malicious instructions embedded within the analyzed code files (e.g., within comments or strings).
  • Capability inventory: The skill uses Bash, Grep, Read, and Glob to perform its analysis, providing a technical surface for the agent to act on instructions found in the code.
  • Sanitization: The instructions do not specify any validation or sanitization of the content read from files before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill uses Bash and Grep to search the codebase. This usage is restricted to searching and is consistent with the skill's stated purpose of identifying structural connections in code.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 12:34 PM