skills/sd0xdev/sd0x-dev-flow/verify/Gen Agent Trust Hub

verify

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a project-local script located at .claude/scripts/verify-runner.js if detected during the workflow.
  • [COMMAND_EXECUTION]: The skill automatically detects the project ecosystem and executes scripts defined in manifest files such as package.json, pyproject.toml, and Cargo.toml.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. If an untrusted repository defines malicious commands within its manifest scripts (e.g., in the lint or test fields), the agent will execute them.
      • Ingestion points: Manifest files (package.json, pyproject.toml, Cargo.toml, go.mod, build.gradle) and the local script .claude/scripts/verify-runner.js.
      • Boundary markers: None; the skill trusts and executes scripts defined in external files.
      • Capability inventory: Shell execution via Bash with various prefixes (node, npm, python, etc.), file reading, and file discovery.
      • Sanitization: None; script contents are executed without validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 07:24 PM