claude-code-docs
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard file system and shell operations (ls, grep) to locate and search local documentation files. No evidence of malicious behavior, data exfiltration, or unauthorized access was detected.\n- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill reads and processes local markdown files. This behavior is expected and necessary for its stated purpose as a documentation search tool.\n
- Ingestion points: Local markdown files (*.md) located in documentation directories like
~/github/*/claude-docs/claude-code/docs/.\n - Boundary markers: Absent; the skill does not instruct the agent to use specific delimiters or ignore instructions found within the document files.\n
- Capability inventory: Shell command execution (grep) and file system read access.\n
- Sanitization: No sanitization or validation of the documentation content is performed before it is processed by the agent.
Audit Metadata