source-command-ccguide-daily

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions define a workflow for retrieving and comparing documentation using designated MCP tools. It does not contain any malicious code, prompt injections, or unauthorized data access patterns.
  • [PROMPT_INJECTION]: The skill processes external data (Anthropic documentation and release digests), which represents a surface for indirect prompt injection. The risk is assessed as safe because the skill's capabilities are limited to reporting and it does not have access to dangerous system functions.
  • Ingestion points: External data is ingested via refresh_official_docs and get_digest MCP tools as specified in SKILL.md.
  • Boundary markers: No explicit boundary markers or 'ignore' instructions are used to delimit external content.
  • Capability inventory: The skill uses tools for retrieval and comparison; no high-risk capabilities like shell execution, file writing, or unauthorized network operations are present.
  • Sanitization: No content sanitization or validation is specified for the retrieved data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 10:40 AM
Security Audit — agent-trust-hub — source-command-ccguide-daily