claude-agent-sdk-agent-creation

[Skill Scanner] Detected system prompt override attempt All findings: [CRITICAL] prompt_injection: Detected system prompt override attempt (PI004) [AITech 1.1] [CRITICAL] prompt_injection: Detected system prompt override attempt (PI004) [AITech 1.1] [CRITICAL] prompt_injection: Detected system prompt override attempt (PI004) [AITech 1.1] [CRITICAL] hardcoded_secrets: Hardcoded API key detected (HS001) [AITech 8.2] This SKILL.md appears to be an instructional configuration file for a Claude Agent SDK; its stated capabilities align with the documented behaviors. There is no direct evidence of malicious code or credential exfiltration in the file itself. The main security considerations are operational: granting the agent 'bash' and filesystem write/read powers and allowing user-level memory expands the attack surface and could permit accidental or intentional exposure of secrets if the agent is misused or over-permissioned. Use least privilege: prefer project-only settingSources, avoid giving Bash unless strictly necessary, enforce permissionMode:'strict', and ensure credentials are stored and scoped properly. LLM verification: The file is legitimate documentation for agent setup and contains no direct evidence of obfuscated or malicious code. Primary concerns are operational: examples that grant shell access and broad filesystem permissions, and the inclusion of a hardcoded API key in an anti-pattern example (copy-paste risk). These increase the chance of secret exposure or arbitrary command execution if applied in production without proper sandboxing and policy enforcement. Recommend applying least privilege to tool