compass

Conducts mid-session audits to detect task drift and codebase rot, ensuring alignment with original session intent.

Install this skill

35/100

Security score

The compass skill was audited on Jun 5, 2026 and we found 5 security issues across 3 threat categories, including 2 critical. Review the findings below before installing.

Categories Tested

Security Issues

medium line 80

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

medium line 230

Python subprocess execution

SourceSKILL.md

230	r = subprocess.run(sys.argv[1:], text=True, capture_output=True, timeout=30)

medium line 58

Access to hidden dotfiles in home directory

SourceSKILL.md

58	`~/.claude/projects/<project-id>/<session-id>.jsonl`

critical line 423

Prompt injection: ignore instructions

SourceSKILL.md

423	- "Ignore previous instructions" / "Disregard your system prompt" / "From now on you are…"

critical line 423

Prompt injection: disregard system prompt

SourceSKILL.md

423	- "Ignore previous instructions" / "Disregard your system prompt" / "From now on you are…"

Scanned on Jun 5, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydata analytics

UpdatedJune 15, 2026

claude claude-code cline frontend stripe docx git api testing backend data-analyst qa-engineer product-manager github gitlab data analytics development product

moonweave/decision-kernel