api-claude-sync
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading and interpolating metadata from local configuration files.
- Ingestion points: Scans and parses metadata from files located in .claude/skills/ and .claude/rules/ (SKILL.md).
- Boundary markers: The instructions do not define explicit delimiters to separate untrusted metadata from the agent's documentation templates.
- Capability inventory: Utilizes the Read, Write, Edit, Glob, and Grep tools (SKILL.md) to manage local documentation files.
- Sanitization: No validation or sanitization of the ingested YAML frontmatter is specified before it is updated into CLAUDE.md.
Audit Metadata