Skills
skills/aradotso/claude-code-skills/claude-code-analysis-research/Gen Agent Trust Hub

claude-code-analysis-research

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for the agent to fetch external content from an untrusted repository (github.com/liuup/claude-code-analysis.git) and to extract an archive (src.zip) from that source.\n- [COMMAND_EXECUTION]: The skill encourages the use of shell commands such as git clone, unzip, cat, ls, and tail to retrieve and inspect data from external, non-verified sources.\n- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external research documents and source code which represent an untrusted data ingestion surface. (1) Ingestion points: File reads of analysis markdown and extracted source files. (2) Boundary markers: Absent. (3) Capability inventory: Subprocess execution via shell commands for file management and exploration. (4) Sanitization: None identified.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 11:49 PM
Security Audit — agent-trust-hub — claude-code-analysis-research