audit-skills
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized behaviors were detected in the skill instructions. The functionality is consistent with its stated purpose as an administrative developer utility for auditing workspace and plugin skills.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process external data in the form of third-party skill files.
  - Ingestion points: Local skill directories (.claude/skills/) and global plugin directories (~/.claude/plugins/ or %USERPROFILE%\.claude\plugins\).
  - Boundary markers: None specified in the instructions for separating ingested content from the auditor's control flow.
  - Capability inventory: The skill utilizes Bash, Read, Write, Task, and Grep tools, and describes the ability to spawn subagents (skill-auditor, audit-finding-validator).
  - Sanitization: No explicit sanitization or validation of the input skill content is mentioned in the audit logic.
Audit Metadata