quick
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill operates entirely within the local repository context to assist with small coding tasks. No malicious intent or suspicious external communications were detected.
- [COMMAND_EXECUTION]: The skill uses Bash to invoke standard local tools such as git for version control, date for ID generation, and existing project compilers or linters for verification. These commands are executed locally and are consistent with the skill's role as a developer aid.
- [PROMPT_INJECTION]: Analysis confirms the absence of instructions intended to bypass safety filters, extract system prompts, or override the agent's core behavioral guidelines.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an inherent attack surface for indirect prompt injection because it reads repository content (e.g., CLAUDE.md, source files) to build context.
- Ingestion points: Reads local configuration (CLAUDE.md, STATE.md) and project source files.
- Boundary markers: None identified; the skill does not wrap ingested content in specific security delimiters.
- Capability inventory: The skill has access to Bash for command execution and Write/Edit tools for file modification.
- Sanitization: No sanitization is applied to the content of files before processing.
Audit Metadata