claude-settings-audit
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it instructs the agent to read and analyze untrusted files from the repository to determine the tech stack.
- Ingestion points: Repository manifest files including package.json, pyproject.toml, and Gemfile.
- Boundary markers: Absent.
- Capability inventory: The skill recommends enabling a wide range of shell commands including 'gh api:*' and 'git log'.
- Sanitization: Absent.
- [COMMAND_EXECUTION]: Uses 'ls' and 'find' to map project structure and 'cat' to read existing configuration files.
- [EXTERNAL_DOWNLOADS]: Suggests integrating well-known services (Sentry, Linear) and uses 'npx' to execute the '@linear/mcp-server' package from a well-known registry.
Audit Metadata