Skills
skills/jh941213/my-cc-harness/harness-diagnostics/Gen Agent Trust Hub

harness-diagnostics

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill's primary function involves reading and analyzing untrusted repository files, which could contain instructions designed to manipulate the agent's behavior.
  • Ingestion points: Analyzes project files including CLAUDE.md, package.json, and source code via Read, Grep, and Glob tools.
  • Boundary markers: Absent. The instructions do not define clear delimiters or provide the agent with directives to ignore instructions embedded within the processed content.
  • Capability inventory: Uses Bash, Read, Grep, and Glob tools for repository structure analysis and maturity auditing.
  • Sanitization: Absent. There is no evidence of validation or sanitization of the content extracted from the files before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 04:21 PM