claude-md-progressive-disclosurer

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines shell scripts for the agent to execute, performing tasks like file backup (cp), reading from git history (git show), and verifying file references (grep, test). These scripts are correctly implemented to avoid command injection by using quoted variable expansions.
  • [INDIRECT_PROMPT_INJECTION]: The skill's core functionality involves reading and reorganizing content from CLAUDE.md and other documentation files. This creates an attack surface where malicious instructions within the documentation could influence the agent.
  • Ingestion points: Untrusted content is read from CLAUDE.md and docs/references/*.md (SKILL.md).
  • Boundary markers: None identified; the skill processes chunks of text based on markdown headers.
  • Capability inventory: The agent can read/write local files and execute shell commands (grep, git, sed) to perform the optimization.
  • Sanitization: No sanitization or filtering is applied to the content being processed.
  • [SAFE]: No external network connections, unauthorized data exfiltration, or remote code execution patterns were detected. The skill's operations are confined to the local environment and intended project files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:43 PM
Security Audit — agent-trust-hub — claude-md-progressive-disclosurer