syncing-agent-output-preferences

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the rg (ripgrep) command-line utility to search for specific output formatting patterns across several agent configuration directories located in the user's home folder (e.g., ~/.claude, ~/.codex). This is a functional requirement for the skill's purpose.
  • [PROMPT_INJECTION]: The skill interacts with external configuration files that could potentially contain indirect prompt injection content. 1. Ingestion points: Reads configuration files such as AGENTS.md and CLAUDE.md from directories including ~/.codex, ~/.claude, ~/.openclaw, and ~/.hermes. 2. Boundary markers: The skill does not define specific delimiters or include instructions to ignore embedded commands when reading these files. 3. Capability inventory: The skill has the capability to search (rg), read, and overwrite these configuration files to update preferences. 4. Sanitization: There is no explicit sanitization or content validation performed on the data read from the configuration files before the agent processes or modifies them.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 11:15 AM
Security Audit — agent-trust-hub — syncing-agent-output-preferences