function-length-and-responsibility
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The SKILL.md file defines a mandatory Memory Protocol that instructs the agent to execute 'cat .claude/context/memory/learnings.md' before starting a task. This is a standard pattern for context management in certain agent environments.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to review and process arbitrary project files (using the glob '**/.').
  - Ingestion points: Project files matching the global pattern are ingested via the Read and Edit tools.
  - Boundary markers: Absent; the instructions do not define delimiters for user-provided code or provide instructions to ignore embedded commands within the files.
  - Capability inventory: The skill utilizes Read, Write, and Edit tools, and allows for shell command execution through its memory protocol.
  - Sanitization: Absent; there is no evidence of content filtering or sanitization of the files being analyzed.
Audit Metadata