claude-vigil
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a set of instructions for managing project state using provided tools. It does not contain executable code, remote downloads, or obfuscated content.
- [DATA_EXPOSURE]: The skill mentions managing project files but emphasizes respecting
.gitignoreto avoid derived or sensitive directories likenode_modulesorvenv. - [PROMPT_INJECTION]: The skill involves reading project data which presents an inherent indirect prompt injection surface. However, it includes a verification step (
vigil_diff) in its recommended workflow, allowing the user to review changes before a restoration is applied.
Audit Metadata