audit-statuslines
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill accesses user and project settings files (e.g., ~/.claude/settings.json) to identify configured status line scripts. This involves reading local configuration data which is necessary for the skill's core function.
- [COMMAND_EXECUTION]: The skill utilizes the Bash and Task tools to spawn subagents and execute script validation audits. This behavior is documented and appropriate for the skill's auditing purpose.
- [PROMPT_INJECTION]: There is a surface for indirect prompt injection as the skill processes script content and configuration values. 1. Ingestion points: settings.json files and external status line script files. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content were found. 3. Capability inventory: Bash tool, Task tool, and subagent management. 4. Sanitization: No sanitization or validation of the script contents before audit processing was specified.
Audit Metadata