compliance-policy-check

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through the processing of potentially untrusted data from the local environment.
  • Ingestion points: The skill workflow requires reading policy files from .claude/rules/ and evaluating external implementation plans or artifacts (Workflow Step 1 & 2).
  • Boundary markers: The skill does not define specific delimiters or instructions for the agent to distinguish its own logic from the content of the data files, which could allow instructions embedded in those files to influence agent behavior.
  • Capability inventory: The skill utilizes tools including Read, Glob, Grep, and Skill, and is instructed to write findings to persistent memory files in .claude/context/memory/.
  • Sanitization: No sanitization, validation, or escaping logic is applied to the content read from external files before it is processed by the model.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 3, 2026, 02:59 AM