skills/hiyeshu/codeck/codeck-speech/Gen Agent Trust Hub

codeck-speech

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script at $HOME/.claude/skills/codeck/scripts/status.sh to retrieve project status. It also creates a local project directory using mkdir -p within the user's home folder.
  • [PROMPT_INJECTION]: The skill processes untrusted content from local HTML and Markdown files (outline.md, design-notes.md), creating a surface for indirect prompt injection.
  • Ingestion points: Reads *-r*.html files and Markdown documents from the current project directory.
  • Boundary markers: Absent; there are no instructions to use specific delimiters or ignore instructions found within the ingested slide content.
  • Capability inventory: The skill can execute local bash scripts and perform file write operations, including modifying existing HTML files.
  • Sanitization: Present; the instructions specifically mandate HTML-escaping of quotes for data-notes attributes to prevent structural corruption of the HTML slides.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 02:31 AM
Security Audit — agent-trust-hub — codeck-speech