crank
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and fetches documentation, feature contracts, and changelogs from Anthropic's official GitHub repository and website for configuration and compliance checks.
- [COMMAND_EXECUTION]: Orchestrates project workflows by executing standard development tools including git, go, npm, make, and pytest. It includes a
run_restricted()mechanism that limits workers to a specific allowlist of binaries to mitigate command injection risks. - [PROMPT_INJECTION]: As an indirect injection surface, the skill ingests external issue descriptions and plan metadata which are interpolated into delegated worker prompts. It mitigates this via structured data handoffs, mandatory evidence chains, and isolated execution contexts.
- [TIME_DELAYED]: Includes a conditional logic gate for deprecation enforcement that triggers a failure state for legacy packets after June 30, 2026.
Audit Metadata