creator-intelligence
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill's primary function is to ingest and act upon instructions found in project-specific
CLAUDE.mdfiles. - Ingestion points: Root-level and project-level
CLAUDE.mdfiles (specifically~/CLAUDE.md). - Boundary markers: Absent; the skill does not define specific delimiters or warnings to ignore instructions embedded within the context files.
- Capability inventory: The skill is configured to use MCP tools for
filesystem(read, write),database(query, insert), andemail(send). - Sanitization: Absent; no methods for validating or escaping the content of project files are specified.
- [DATA_EXFILTRATION]: Potential Information Exposure. The skill encourages users to store project architecture, personal preferences, and cross-session "Memory" in Markdown files. Instructing the agent to maintain a global memory file in the home directory (
~/CLAUDE.md) creates a high-value target for data harvesting if the agent processes untrusted project data. - [NO_CODE]: The skill contains only Markdown instructions and YAML configuration. No executable scripts or binary files are included in the package.
Audit Metadata