claude-exec
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional and does not contain any executable scripts or hidden code. It provides documentation for using a legitimate CLI tool.
- [COMMAND_EXECUTION]: The skill describes how to invoke the
claudeCLI via the Bash tool. It promotes security best practices by suggesting flags like--no-session-persistence,--bare, and--max-budget-usdto maintain a controlled execution environment. - [PROMPT_INJECTION]: The skill documents an interface for delegating tasks to a sub-agent, which is a surface for indirect prompt injection. 1. Ingestion points: User-provided
<task>string interpolated into bash commands. 2. Boundary markers: The skill recommends using the--flag for explicit argument separation. 3. Capability inventory: The sub-agent's capabilities are managed through flags like--allowedToolsand--disallowedTools. 4. Sanitization: No specific input sanitization is defined within the skill itself. This attack surface is inherent to the tool's function and is documented with mitigation strategies.
Audit Metadata