clean-code
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a mandatory verification workflow involving the execution of various Python scripts located in the ~/.claude/skills/ directory (e.g., ux_audit.py, security_scan.py). This represents a command execution surface where the agent invokes local scripts based on its assigned role and the environment's configuration.
- [PROMPT_INJECTION]: The skill includes behavioral instructions (e.g., 'Before saying task complete, verify...') and priority markers (priority: CRITICAL) which are common in system-like skills and do not represent malicious injection attempts. However, it is vulnerable to indirect prompt injection.
  - Ingestion points: The skill reads and modifies project source files (e.g., UserService.ts) and captures output from audit scripts.
  - Boundary markers: There are no markers or explicit instructions to ignore embedded commands within the files being processed.
  - Capability inventory: The skill utilizes Read, Write, and Edit file permissions and executes Python subprocesses.
  - Sanitization: No validation or sanitization of external file content is performed before the agent summarizes script results or performs edits.
- [DATA_EXFILTRATION]: No patterns for unauthorized data access or external transmission to non-whitelisted domains were detected.
- [EXTERNAL_DOWNLOADS]: No remote URLs, package installations, or script downloads from external sources were identified.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private credential patterns were found in the skill content.
Audit Metadata