setup
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a dispatcher, routing user input to internal agent commands within the 'oh-my-claudecode' namespace. It performs no direct system-level actions such as file manipulation or network requests.
- [PROMPT_INJECTION]: User input is ingested via the {{ARGUMENTS}} template variable. The skill lacks any instructions to bypass safety filters or ignore prior rules, maintaining a safe instructional posture.
- [EXTERNAL_DOWNLOADS]: There are no references to external URLs, remote scripts, or package installations within the skill file. The mentioned setup functionality is handled by internal routing.
- [SAFE]: Indirect Prompt Injection surface analysis: (1) Ingestion: User input is passed through the
{{ARGUMENTS}}template. (2) Boundaries: No explicit delimiters or 'ignore' instructions are used for user data. (3) Capabilities: Routing is restricted to internal sub-skills with no direct shell or code execution calls in this file. (4) Sanitization: None present. The limited routing scope and internal targeting represent a low-risk structural pattern.
Audit Metadata