scratchpad

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill manages a local markdown file named SCRATCHPAD.md at the repository root and ensures it is gitignored to prevent accidental commits.
  • [COMMAND_EXECUTION]: Uses standard development tools including git rev-parse and the GitHub CLI (gh issue create) for repository and task management.
  • [SAFE]: Implements a transparent opt-in mechanism for modifying the CLAUDE.md configuration file to enable automated note-taking.
  • [PROMPT_INJECTION]: The skill processes project-local notes, which creates an ingestion surface for data.
  • Ingestion points: Reads SCRATCHPAD.md in the current repository.
  • Boundary markers: Content is organized using standard markdown headers.
  • Capability inventory: Includes shell command execution and file system writes.
  • Sanitization: No specific content sanitization is mentioned, though risk is limited to the local project context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 12:02 PM
Security Audit — agent-trust-hub — scratchpad