init
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses platform-specific shell commands to manage documentation files. It executes
rmandln(Unix) orRemove-ItemandNew-Item(PowerShell) to delete existing files and create symbolic links forCLAUDE.mdpointing toAGENTS.mdin the local directory. - [PROMPT_INJECTION]: The skill reads data from potentially untrusted project files (such as
README.md,.cursorrules, and Copilot instructions) to populate theAGENTS.mdfile. This creates a surface for indirect prompt injection if those files contain malicious instructions. - Ingestion points:
README.md,.cursor/rules/,.cursorrules, and.github/copilot-instructions.md(processed in SKILL.md). - Boundary markers: Not utilized; the skill does not wrap ingested content in safety delimiters.
- Capability inventory: Local file system manipulation (delete/symlink).
- Sanitization: None; instructions direct the agent to include "important parts" of the found documentation directly.
Audit Metadata