Skills
skills/vijaykpatel/favorite_skills_and_plugins/continuous-claudemd-updates/Gen Agent Trust Hub

continuous-claudemd-updates

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • COMMAND_EXECUTION (SAFE): The scripts analyze_changes.py and audit_claudemd.py execute local git commands using subprocess.run to analyze repository state.
  • Evidence: Use of subprocess.run with hardcoded command lists (git diff, git log, git ls-files) in scripts/analyze_changes.py and scripts/audit_claudemd.py.
  • Context: Arguments are passed as lists without shell=True, preventing shell command injection. The primary purpose of the skill is repository analysis.
  • DATA_EXPOSURE (SAFE): The audit script checks for the existence of files referenced in CLAUDE.md to ensure documentation accuracy.
  • Evidence: os.path.exists(filepath) is used on paths extracted from documentation in scripts/audit_claudemd.py.
  • Context: The script only verifies file existence and does not read or transmit sensitive file contents.
  • PROMPT_INJECTION (SAFE): The skill contains guidelines for instructing AI agents via documentation.
  • Evidence: references/guidelines.md defines how an agent should interpret CLAUDE.md.
  • Context: This is the intended core functionality of the skill. No malicious bypass or override patterns were detected in the provided templates or guidelines.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:43 PM