who-are-you
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard system utilities such as
date,uname,grep, andechoto gather environment data like the current time, OS version, and shell type. These operations are essential for the skill's primary purpose of identity reporting. - [DATA_EXFILTRATION]: The skill reads system-level information including the current working directory (
pwd) and terminal program ($TERM_PROGRAM). This information is used solely for local display to the user and is not sent to any external domains or servers. - [PROMPT_INJECTION]: The skill implements logic to read from
CLAUDE.mdand other local configuration directories. While this establishes a surface for indirect prompt injection from project files, the extracted content is filtered throughgrepand used for descriptive metadata, presenting minimal risk to the agent's core instructions.
Audit Metadata