codeck-review
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts located in the skill's internal directory (e.g.,
~/.claude/skills/codeck-design/scripts/assemble.sh) to perform project maintenance and assembly tasks. These are standard operations for this skill's suite. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads and processes multiple user-controlled project files to determine its review logic and apply fixes.
- Ingestion points: Reads project metadata and content from
outline.md,design-notes.md,DESIGN.md,diagnosis.md,custom.css, andslides.htmlin the user's project directory. - Boundary markers: Absent. The skill does not instruct the agent to use delimiters or specific safety instructions when processing the content of these files.
- Capability inventory: The agent can modify local files and execute local shell scripts to assemble the presentation.
- Sanitization: The skill does not mention sanitization or validation of the content ingested from these files before using it to influence agent behavior.
Audit Metadata