retrospective-codify
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill workflow involves executing search commands like ls and Grep on local directories to manage rules. The search patterns are dynamically generated from task insights, which represents a standard use of agent tools for configuration management.
- [PROMPT_INJECTION]: The skill processes existing rule and skill files to perform deduplication, creating a surface for Indirect Prompt Injection.
  - Ingestion points: Local configuration files located in ~/.claude/skills/ and CLAUDE.md.
  - Boundary markers: No explicit delimiters or instructions are used to ignore embedded commands during the read process.
  - Capability inventory: The skill can modify agent configuration and project rules.
  - Sanitization: Includes a mandatory confirmation step where the user must approve the proposed changes.
Audit Metadata