claude-consult
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents a pattern for ingesting untrusted codebase content into the agent's context for analysis by specialist roles. This establishes a surface for indirect prompt injection, where malicious instructions hidden in the analyzed codebase could attempt to subvert the agent's logic.
  - Ingestion points: Local codebase files (e.g., src/auth/tests.py, src/api/handler.py) read by agents via the claude CLI.
  - Boundary markers: The documentation does not specify the use of delimiters or instructions to 'ignore' embedded commands in the files being analyzed.
  - Capability inventory: Specialist agents can read and analyze repository structure, explain code logic, and perform security audits.
  - Sanitization: No sanitization or validation of the processed codebase content is mentioned in the instructions.
Audit Metadata