claude-code-command-author
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for generating Claude Code custom commands that can execute bash scripts using the
!prefix. It effectively mitigates risk by requiring the use of theallowed-toolsconfiguration to restrict execution to specific, non-destructive commands (e.g., git status). - [DATA_EXFILTRATION]: The templates and instructions provided in the skill explicitly prohibit the inclusion of commands that perform external network operations (e.g.,
curl,wget), preventing the exfiltration of source code or environment variables. - [SAFE]: The skill includes a 'Guardrails' section and a 'Quality Checklist' that prevent the generation of commands with destructive capabilities (e.g.,
rm,sudo,deploy) without explicit user consent, ensuring the generated tools follow the principle of least privilege.
Audit Metadata