agentsmd-optimize
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands like
lsandwc -lto perform repository discovery and verify documentation claims against the actual file system state. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes user-provided documentation files.
- Ingestion points: The skill reads contents from
CLAUDE.md,AGENTS.md, and other repository files identified during discovery. - Boundary markers: The skill recognizes and protects auto-generated content marked by
<!-- vibeguard-start -->and<!-- vibeguard-end -->tags. - Capability inventory: The skill possesses file-read and file-write capabilities, along with shell execution for discovery commands (
ls,wc). - Sanitization: The skill explicitly instructs the agent to audit for instruction-override or concealment markers (referenced as SEC-13) and mandates user confirmation for all edits to high-context or global files.
Audit Metadata