front-comments

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is instructed to read existing comments from user-provided files and 'reintegrate' their semantic content into new documentation blocks.
      • Ingestion points: The agent reads the contents of the target file to extract existing comments, as defined in SKILL.md.
      • Boundary markers: Absent. No specific delimiters or 'ignore' instructions are provided for the extracted text.
      • Capability inventory: The skill uses Read, Edit, Write, and Glob tools to manipulate files.
      • Sanitization: Absent. There is no validation or filtering of the extracted comment content before it is rewritten into the file.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:52 PM