init-python-project

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute initialization commands, including directory creation, environment setup via uv, and git configuration. These commands are necessary for the tool's core functionality.
  • [EXTERNAL_DOWNLOADS]: The skill performs git clone operations from user-specified GitHub SSH URLs and installs Python dependencies from the Python Package Index.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when performing enhancement tasks on existing codebases.
      • Ingestion points: The agent reads content from untrusted external files, such as pyproject.toml and README.md, during the analysis phase.
      • Boundary markers: No explicit delimiters are defined to separate untrusted file data from the agent's instruction context.
      • Capability inventory: The toolset includes Bash and Write, which could be misused if malicious instructions from a cloned repository are executed.
      • Sanitization: The skill does not implement any validation or filtering logic for the content ingested from the external repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 11:08 AM