claude-code
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Provides instructions to install the @anthropic-ai/claude-code package globally from the official npm registry.
- [COMMAND_EXECUTION]: Outlines various usage patterns for the claude CLI, including non-interactive execution and automated permission handling (--dangerously-skip-permissions). These commands are intended for delegating agentic coding tasks.
- [PROMPT_INJECTION]: Identifies a potential surface for indirect prompt injection as the tool is designed to ingest and process project files which could contain untrusted data.
  - Ingestion points: Reads local project files (e.g., src/, TODO.md) for analysis and refactoring.
  - Boundary markers: No explicit boundary markers or delimiters for untrusted content are specified in the instructions.
  - Capability inventory: The tool has high capabilities, including reading, editing, and executing bash commands within the project environment.
  - Sanitization: No sanitization steps are defined in the skill; it relies on the internal safety controls of the underlying CLI tool.
Audit Metadata