skills-audit
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
- [SAFE]: The skill is a standard management tool that performs read-only audits of the agent's own extensions to provide optimization recommendations to the user.
- [COMMAND_EXECUTION]: The skill involves scanning local directories (~/.claude/skills/ and .claude/skills/) and reading file contents (SKILL.md), which are legitimate administrative actions for an audit tool.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external skill data.
  - Ingestion points: Reads SKILL.md files from local skill directories.
  - Boundary markers: None present.
  - Capability inventory: The skill does not define or require network access, file-write permissions, or high-privilege subprocess capabilities.
  - Sanitization: No explicit sanitization or validation of audited skill content is performed.
- [NO_CODE]: This skill is composed of markdown instructions and does not include any executable scripts, binaries, or third-party package dependencies.
Audit Metadata