1k-new-skill
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to retrieve documentation from code.claude.com and platform.claude.com. These are trusted domains associated with the AI service provider.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill is instructed to ingest external content and follow instructions or 'guidelines' extracted from it.
- Ingestion points: WebFetch of documentation URLs defined in the 'Fetch latest best practices' section of SKILL.md.
- Boundary markers: Absent; no delimiters or 'ignore' warnings are provided when processing external content.
- Capability inventory: The skill has access to Read, Grep, Glob, WebFetch, and Write tools, as well as the ability to execute shell commands.
- Sanitization: Absent; content from the external URLs is used directly to guide the generation of new skills.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands for file management and Git workflows (ls, mkdir, mv, git add/commit). It also invokes a local Python script located at 'development/skills-analysis/analyze-skills-tokens.py' to perform token count verification on newly created skills. These operations are consistent with the skill's purpose as a development tool.
Audit Metadata