agent-add-rule
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- File Access (SAFE): The skill reads and writes to CLAUDE.md and docs/agents/ to manage instructions. No sensitive path access (e.g., ~/.ssh) was found.
- Indirect Prompt Injection (SAFE): The skill provides a surface for persisting user-provided instructions. While this is the primary functionality, it represents an injection surface if used to process untrusted data.
  - Ingestion points: User free-text input (Step 1).
  - Boundary markers: Absent; user text is written directly into Markdown configuration files.
  - Capability inventory: File system access (Read/Write) to project configuration files and skill lists.
  - Sanitization: Absent; user input is used to update the agent's governing documents without escaping.
- No Code (SAFE): The skill consists entirely of natural language instructions and does not contain executable scripts or external dependencies.
Audit Metadata