Skills
skills/alirezarezvani/claudeforge/claude-md-link-check/Gen Agent Trust Hub

claude-md-link-check

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (find, test, ls) to inventory and verify file paths on the local system as part of its primary diagnostic functions.
  • [PROMPT_INJECTION]: The skill parses untrusted data from user arguments and project files (CLAUDE.md) to resolve file paths, which presents an indirect prompt injection surface.
  • Ingestion points: User-supplied $ARGUMENTS and path strings extracted from project CLAUDE.md files.
  • Boundary markers: Absent; there are no specific instructions or delimiters used to ensure the agent ignores potentially malicious instructions embedded within the files it reads.
  • Capability inventory: Extensive file system access via Read, Glob, Grep, and restricted Bash operations (find, test, ls).
  • Sanitization: No explicit validation or sanitization of the extracted path strings is performed before they are used in file system checks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 10:09 AM
Security Audit — agent-trust-hub — claude-md-link-check