harness
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill audits and processes project-specific documentation such as CLAUDE.md and design files, which creates an indirect prompt injection surface where these files could contain instructions that influence agent behavior.
  - Ingestion points: Reads various local configuration and project artifacts listed in commands/audit.md (e.g., .cursorrules, AGENTS.md, package manifests).
  - Boundary markers: The skill methodology does not explicitly define delimiters or boundary instructions to isolate the content of these files from the agent's core instructions.
  - Capability inventory: The skill has permissions to read/write local files and can be configured to execute shell commands via script hooks.
  - Sanitization: No content-specific sanitization or validation of the processed files is described in the skill's instructions.
- [COMMAND_EXECUTION]: The skill framework includes support for 'Script hooks' which are intended to run local shell commands (like linters or formatters) and instructs the agent to document and utilize project build, test, and run commands.
Audit Metadata