skill-reliability
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs bundled Python scripts, specifically
scripts/inventory.pyandscripts/trigger_lint.py, to parse markdown files and perform reliability score calculations. These scripts are local to the skill and do not perform network operations. - [SAFE]: The workflow involves reading skill definition files from local directories, including
.claude/skills/and~/.claude/skills/. This file access is restricted to the intended purpose of the tool and does not involve exfiltration of sensitive data. - [SAFE]: The skill provides a surface for indirect prompt injection as it ingests content from external skill files during its analysis phase.
- Ingestion points: Reads
SKILL.md,references/, andinstructions/directories from user-specified skill paths. - Boundary markers: Not present.
- Capability inventory: The skill can perform write operations to
SKILL.mdfiles to apply recommended improvements. - Sanitization: Content is parsed using regular expressions for identification of headings and metadata; however, it is not explicitly sanitized before being presented to the user for confirmation.
Audit Metadata