context-audit
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses local configuration and project files including settings.json, CLAUDE.md, skill definitions, and project memory files. This access is limited to the local environment and is required for the skill's primary function of auditing context usage. No network requests or exfiltration behaviors were identified.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes instructions and rules from project-level files that may contain untrusted data.\n
- Ingestion points: Accesses CLAUDE.md, .claude/skills//SKILL.md, and ~/.claude/projects//memory/*.md as specified in SKILL.md.\n
- Boundary markers: The skill lacks explicit delimiters or instructions to prevent the agent from being influenced by instructions contained within the audited files.\n
- Capability inventory: The skill possesses the capability to modify settings.json, CLAUDE.md, and .claudeignore based on the results of the audit.\n
- Sanitization: No sanitization or validation mechanisms are described for the content being read from the project environment.
Audit Metadata