update-claudemd
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The process is local and includes a user-approval checkpoint before any modifications are made.
- [COMMAND_EXECUTION]: Shell access is strictly limited to metadata-gathering tools (wc, git) and basic file operations (mkdir, cp) within the project scope.
- [PROMPT_INJECTION]: The skill analyzes external codebase data, creating a potential indirect prompt injection surface. This is addressed by the structured summarization process and the Phase 5 human-in-the-loop validation requirement.
Audit Metadata