add-journal
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates safe behavior consistent with its stated purpose of medical research assistance. It lacks any patterns of prompt injection, obfuscation, or malicious command execution.
- [COMMAND_EXECUTION]: Uses standard file system tools (Read, Write, Edit, Grep, Glob) to organize and update journal profile Markdown files. Operations are scoped to the skill's reference directories and a specific local user directory ($HOME/.claude/private-journal-profiles/), which is a standard location for local application data.
- [EXTERNAL_DOWNLOADS]: Fetches content from external Author Guidelines URLs provided by the user. This is a functional requirement for metadata extraction and is performed using a web fetching tool rather than direct shell-based downloads or execution.
- [DATA_EXFILTRATION]: Analysis shows no evidence of unauthorized data harvesting. The skill identifies and processes only journal-related metadata and does not attempt to access sensitive user files such as SSH keys, environment variables, or cloud credentials.
Audit Metadata