skills/shimo4228/claude-code-learned-skills/claude-code-self-generation-over-api/Gen Agent Trust Hub
claude-code-self-generation-over-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed exclusively of a Markdown file providing strategic advice to the agent. No scripts (Python, JS, Shell) or configuration files are present.
- [PROMPT_INJECTION] (SAFE): The instructions advise the agent on resource management and cost optimization (using internal generation vs external APIs). There are no attempts to bypass safety filters or ignore system instructions.
- [DATA_EXFILTRATION] (SAFE): No credentials, network calls (curl/wget), or access to sensitive local paths (~/.ssh, ~/.aws) were found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill describes a workflow for processing batches of text data. This is a standard ingestion point for indirect injection; however, as there is no code provided to perform this processing, there is no specific vulnerability introduced by this skill.
- Ingestion points: Mentions processing "input data" and "batches".
- Boundary markers: None specified in text.
- Capability inventory: None (no code provided).
- Sanitization: None mentioned.
Audit Metadata