project-claude-init

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill logic is restricted to local file reading and creation of a specific documentation file. No malicious obfuscation, credential theft, or unauthorized network activity was found.\n- [PROMPT_INJECTION]: The skill ingests data from untrusted local project files to assist the user.\n
  • Ingestion points: The skill reads project manifest files (e.g., package.json, pyproject.toml, go.mod) in Step 3 to detect the tech stack.\n
  • Boundary markers: A rendered preview is shown to the user in Step 5, and explicit user confirmation (y/edit/n) is required before any file is written.\n
  • Capability inventory: The skill's write capabilities are limited to creating a CLAUDE.md file at the project root and updating the agent's memory using the mem_save tool.\n
  • Sanitization: The skill relies on human-in-the-loop verification during the preview and confirmation step to ensure the generated content is correct and safe.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 08:41 AM
Security Audit — agent-trust-hub — project-claude-init