disable

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • File System Management: The skill performs file renaming operations (e.g., renaming SKILL.md to SKILL.md.disabled) to toggle the active state of other community skills. This is a standard administrative function for skill management.
  • Access Control and Validation: The instructions specify safety rules designed to restrict operations to community skills only, excluding first-party components. It also requires an explicit user confirmation step before any file system changes are applied, which helps prevent unintended modifications.
  • Logging and Auditing: The skill is designed to log its actions to a specific configuration path (~/.claude/plugins/config/claude-for-legal/legal-builder-hub/install-log.yaml). This provides an audit trail for the installation and status of community extensions.
  • Indirect Instruction Surface: The skill handles user-provided skill names to identify targets for disabling. While the instructions mandate validation against an install log, the processing of external names for file operations is a standard pattern that relies on the underlying system's sanitization during execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:46 PM
Security Audit — agent-trust-hub — disable