syncing-agent-output-preferences
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
rg(ripgrep) command-line utility to search for specific output formatting patterns across several agent configuration directories located in the user's home folder (e.g.,~/.claude,~/.codex). This is a functional requirement for the skill's purpose. - [PROMPT_INJECTION]: The skill interacts with external configuration files that could potentially contain indirect prompt injection content. 1. Ingestion points: Reads configuration files such as
AGENTS.mdandCLAUDE.mdfrom directories including~/.codex,~/.claude,~/.openclaw, and~/.hermes. 2. Boundary markers: The skill does not define specific delimiters or include instructions to ignore embedded commands when reading these files. 3. Capability inventory: The skill has the capability to search (rg), read, and overwrite these configuration files to update preferences. 4. Sanitization: There is no explicit sanitization or content validation performed on the data read from the configuration files before the agent processes or modifies them.
Audit Metadata