claude-agent-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation resource for building agents with the Anthropic Claude Agent SDK. All code examples follow standard SDK usage patterns.
- [COMMAND_EXECUTION]: The skill documents the `Bash` tool and terminal operations. It correctly identifies the security risks associated with arbitrary command execution and provides mitigations through permission modes (like `plan` and `acceptEdits`) and hooks to intercept and block dangerous calls.
  - Evidence: SKILL.md discusses `permissionMode` settings to control tool execution.
  - Evidence: references/hooks.md provides examples of blocking dangerous file paths like `/etc` or `.env` using PreToolUse hooks.
- [EXTERNAL_DOWNLOADS]: References official SDK packages and common MCP servers. These are from well-known and trusted sources.
  - Evidence: Mentions `claude-agent-sdk`, `@anthropic-ai/claude-agent-sdk`, and `@playwright/mcp`.
- [DATA_EXFILTRATION]: No malicious data exfiltration patterns detected. Examples showing network requests (e.g., Slack notifications or API lookups) use placeholders and are presented as implementation patterns for developer-controlled infrastructure.
  - Evidence: references/hooks.md includes a placeholder Slack webhook example for notifications.
- [PROMPT_INJECTION]: No prompt injection or behavior override instructions were found. The use of system prompts for subagent definitions is functional and intended for task specialization.
  - Evidence: references/subagents.md defines subagents with specific personas using prompts.
Audit Metadata