onboard
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes potentially untrusted project data such as
CLAUDE.md, source code, and git logs. While this presents a surface for indirect prompt injection, the agent's capabilities are restricted to local file operations, minimizing risk. * Ingestion points:CLAUDE.md,.claude/agents/,src/,design/,tests/,production/, and git history. * Boundary markers: None. * Capability inventory:Read,Glob,Grep,Write. * Sanitization: None. - [COMMAND_EXECUTION]: The skill instructions mention reading
git log, which requires command execution in most environments. However, the skill's allowed-tools are strictly limited to file system access, and the operation is used solely for project summarization.
Audit Metadata