project-init

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell script execution and git operations using parameters provided by the user.
      • Evidence: Step 3 executes a local script ~/.claude/skills/init-latex-project/scripts/init.sh and Step 4 invokes init-python-project, both of which process user-supplied project names and paths within a shell environment.
      • Evidence: The skill uses git remote add and git push commands with SSH URLs provided by the user in Step 1 to configure repository remotes.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by incorporating unsanitized user descriptions into project files.
      • Ingestion points: The 'Research summary' field in Step 1 collects free-form text from the user.
      • Boundary markers: Absent. The summary is directly embedded into the PROJECT.md file and used to pre-fill content in LaTeX repository files without delimiters.
      • Capability inventory: The skill possesses Bash, Write, and Edit permissions, allowing it to execute system commands and modify the file system based on context derived from the summary.
      • Sanitization: Absent. No validation, escaping, or filtering is performed on the user-provided research summary before it is written to the file system.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 11:08 AM