project-memory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is a documentation file that provides architectural guidance for setting up 'CLAUDE.md' and related rule files. All provided templates and examples are benign and follow legitimate software engineering patterns.
- [COMMAND_EXECUTION] (SAFE): The skill includes 'Bash' in its allowed tools but limits its command examples to standard development tasks such as 'npm test', 'npm run build', and 'npm run lint' within documentation templates.
- [PROMPT_INJECTION] (SAFE): No direct prompt injection or safety bypass attempts were detected. While the skill defines a system that processes project-specific instructions (which is a surface for indirect prompt injection from untrusted repositories), the skill itself is a safe set of guidelines for organizing that memory.
- [DATA_EXFILTRATION] (SAFE): No network operations, credential hardcoding, or external exfiltration patterns were identified.
Audit Metadata