skills/tw93/claude-health/hunt/Gen Agent Trust Hub

hunt

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill instructions enforce a strict diagnosis-first protocol, requiring evidence and hypotheses before code modifications, which minimizes the risk of accidental or malicious side effects.
  • [COMMAND_EXECUTION]: The skill uses standard local commands (git, grep, node, sw_vers) for debugging purposes. These operations are limited to the local development environment and are standard practice for the intended use case.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted local data such as logs and project source code. 1. Ingestion points: Reads application logs, source code files, and git commit history. 2. Boundary markers: No specific delimiters are mandated for isolating untrusted log data from instructions. 3. Capability inventory: The agent can execute git commands and grep, which are used to search and navigate the repository. 4. Sanitization: No explicit sanitization of log content or code comments is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 04:55 PM
Security Audit — agent-trust-hub — hunt