optimise-claude
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the 'bun skills' command to synchronize optimized skill files. This is a standard part of the documented workflow for this skill as described in the README.md and SKILL.md files.\n- [PROMPT_INJECTION]: The skill processes the content of other skill files and 'AGENTS.md', creating a surface for indirect prompt injection.\n
- Ingestion points: Reads content from '.agents/skills/*/SKILL.md' and 'AGENTS.md' during the inventory, reduction, and deduplication phases.\n
- Boundary markers: No delimiters or 'ignore' instructions are specified when processing external file contents.\n
- Capability inventory: The skill has the ability to write new skill files to '.agents/skills/' and execute local shell commands (bun skills).\n
- Sanitization: No content validation or escaping is performed on the data read from external skill files before it is processed or used to create new skills.
Audit Metadata