claude-code-guide
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documentation suggests users provide the command "forget previous instructions" to the agent. This phrase is a known prompt injection pattern used to bypass safety filters or prior system instructions.
- [PROMPT_INJECTION]: The skill relies on reading external configuration files (CLAUDE.md, README.md) which may contain untrusted content.
- Ingestion points: File reads of CLAUDE.md and README.md (SKILL.md).
- Boundary markers: None present to delimit untrusted file content.
- Capability inventory: Execution of arbitrary shell commands via npm scripts and file editing.
- Sanitization: None specified for the processed file content.
Audit Metadata