skill-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns such as remote code execution, persistence, or data exfiltration were detected. The skill focuses on evaluating the structure and content of local markdown files within the user's environment.
- [Indirect Prompt Injection] (LOW): The skill possesses a surface for indirect prompt injection because it reads and processes instructions from third-party skill files. * Ingestion points:
~/.claude/skills/*/SKILL.mdand./skills/*/SKILL.md. * Boundary markers: Not explicitly defined in the workflow. * Capability inventory: Read-only file access and text report generation; no network or write capabilities. * Sanitization: No sanitization of processed skill content is performed before report generation.
Audit Metadata