init
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script located at .claude/tools/cli/skill-freshness-report.cjs to evaluate the status of repository assets. This command execution is part of the skill's maintenance workflow.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from untrusted external files within the repository.
  * Ingestion points: Reads README.md, .cursorrules, package.json, and various framework configuration files (SKILL.md, Stage 1).
  * Boundary markers: Absent. The skill does not instruct the agent to use delimiters or safety wrappers when reading or summarizing these files.
  * Capability inventory: The skill has the ability to write to the file system (AGENTS.md), execute shell commands (node ...), and invoke other agent components (agent-creator, skill-creator).
  * Sanitization: Absent. There is no evidence of content validation or filtering of the data extracted from the repository files before it is used to generate instructions.
Audit Metadata