anthropic-docs
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown documentation files mirrored from the official Anthropic developer documentation.
- [COMMAND_EXECUTION]: Static analysis flagged a fork bomb signature in
references/agents-and-tools/tool-use/bash-tool.md. Review of the file content reveals this is part of a documentation section teaching users how to implement safety filters to block dangerous commands like fork bombs (:(){:|:&};:). This is a benign documentation example. - [SAFE]: No obfuscation, data exfiltration, or credential harvesting patterns were detected. The documentation mentions sensitive file paths (e.g.,
~/.aws/credentials) only to explain how to sanitize tool outputs in user-developed applications. - [SAFE]: No remote code execution or unauthorized package installations are performed by the skill itself. While many packages and curl commands are mentioned, they are presented as usage examples for the user's own development environment.
Audit Metadata