decide

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages company memory by performing local file operations, including reading from user-provided paths and writing/appending to ~/.claude/decisions/ and ~/company-vault/.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted data from external memo files.
      • Ingestion points: Reads content from the file path provided in the <memo-path> argument (SKILL.md).
      • Boundary markers: Absent; there are no instructions to disregard potential commands embedded within the memo files.
      • Capability inventory: The skill has the ability to write files to the local file system (~/.claude/decisions/ and ~/company-vault/).
      • Sanitization: Absent; the skill does not specify any validation or sanitization logic for the data extracted from the memos.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 10:30 AM