writing-claude-md

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is well-documented and focuses on improving the efficiency and safety of AI agent interactions. It includes explicit guidelines to prevent common security risks, such as hardcoding credentials or secrets in project files.
  • [COMMAND_EXECUTION]: In references/setup.md, the skill instructs the agent to run standard discovery commands like ls, cat, and head to analyze the project structure. These commands are limited to local, read-only operations necessary for the skill's primary function of classifying the project and identifying relevant build tools.
  • [PROMPT_INJECTION]: The skill provides templates that include defensive instructions for agents, such as requiring human approval for irreversible actions (e.g., database migrations or deployments) and restricting modifications to out-of-scope directories.
  • [PROMPT_INJECTION]: Indirect prompt injection surface analysis
    ◦ Ingestion points: The skill reads project documentation and configuration files such as README.md, package.json, and existing CLAUDE.md files (referenced in references/setup.md).
    ◦ Boundary markers: The instructions do not define explicit delimiters or XML tags to wrap untrusted data during the analysis phase.
    ◦ Capability inventory: The agent has the ability to read project files and write new markdown instruction files using the Write tool.
    ◦ Sanitization: No explicit sanitization or filtering of external project content is mentioned before it is processed by the agent. While this creates a surface for indirect prompt injection if a project file contains malicious instructions, the skill's design focuses on rewriting this content into a safe, structured format.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 06:24 PM
Security Audit — agent-trust-hub — writing-claude-md