skill-context-detection
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell command logic intended to read internal configuration files like
~/.claude-octopus/config/knowledge-mode. These operations are used to honor explicit user configuration for the tool's operating mode and are limited to the application's own configuration directory. - [SAFE]: The project context detection algorithm analyzes the filesystem for standard developer artifacts such as
package.json,Cargo.toml, and directory structures likesrc/. This is a passive inspection for classification purposes and does not modify the environment. - [SAFE]: Although the skill ingests user prompts for context detection (Category 8 surface), it uses simple keyword matching for classification rather than direct prompt interpolation into executable commands. Capability inventory is limited to local classification.
- [SAFE]: No evidence of prompt injection bypasses, obfuscated URLs, or unauthorized data exfiltration was found. The skill does not make network connections or download external content.
Audit Metadata