cloning-project
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to access and bundle user-uploaded files from
/mnt/user-data/uploads/and project configuration from the context window. This behavior is consistent with the stated purpose of creating a project backup and occurs entirely within the local environment. - [COMMAND_EXECUTION]: Uses standard system utilities like
cp,zip, andlsto manage files. These operations are restricted to expected directories (/home/claude,/mnt/user-data/) and do not involve network connectivity or privilege escalation. - [SAFE]: While the skill processes untrusted data (project instructions and knowledge files), it employs safe shell practices such as quoted heredocs (
'INSTRUCTIONS') to prevent command substitution when writing data to disk.
Audit Metadata