skillify

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to write new markdown files to the local file system, specifically targeting ${CLAUDE_CONFIG_DIR:-~/.claude}/skills/omc-learned/ or .omc/skills/. This creates persistent agent capabilities that will be active in future sessions.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of session history.
      • Ingestion points: The skill processes the current session's conversation and actions as the source for the new skill draft (SKILL.md).
      • Boundary markers: There are no boundary markers or instructions to treat session data as untrusted while extracting the workflow.
      • Capability inventory: The skill allows the writing of new skill files to directories used by the agent for loading tools and instructions.
      • Sanitization: The skill lacks technical sanitization or validation steps to ensure that malicious instructions in the session history are not converted into permanent skill logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 07:07 PM