claude-code-guide
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes an instruction in SKILL.md suggesting that the user ask the agent to 'forget previous instructions' for debugging. This phrase is a common technique for overriding system prompts and safety constraints.
- [PROMPT_INJECTION]: The skill establishes a surface for indirect prompt injection by instructing the agent to follow instructions from project-level files like CLAUDE.md and README.md.
  - Ingestion points: External project files CLAUDE.md and README.md are read into the agent context (SKILL.md).
  - Boundary markers: No delimiters or instructions to ignore embedded instructions are specified for the ingested content.
  - Capability inventory: The skill workflow involves executing shell commands such as npm run dev and npm test (SKILL.md).
  - Sanitization: There is no mention of validating or sanitizing the content of the external files before processing.