claude-coach
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to provide educational feedback on user prompts. All logic is contained within local markdown instructions and Python scripts.
- [COMMAND_EXECUTION]: The skill uses three local Python scripts (
cheat_code_filter.py,prompt_rater.py,coach_tip_classifier.py). These scripts use standard libraries only and perform text processing/heuristics without executing arbitrary shell commands or user-supplied input. - [DATA_EXFILTRATION]: No network operations or external URL references were found in the scripts or instructions. Data processing remains entirely local to the agent session.
- [PROMPT_INJECTION]: The skill instructions emphasize 'answer first, coach second' and include clear suppression rules if the user asks to stop, preventing the coach persona from interfering with the user's primary tasks or overriding safety guidelines.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or access to sensitive local environment files (like .aws/config or .ssh) were detected.
Audit Metadata