requirements

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill processes untrusted user input and existing project files into documentation.
      • Ingestion points: User responses from AskUserQuestion and project data from docs/PRD.md.
      • Boundary markers: Absent; content is interpolated directly into templates.
      • Capability inventory: Read, Write, Edit, Glob, Grep, Bash, and AskUserQuestion.
      • Sanitization: None detected.
  • [COMMAND_EXECUTION] (SAFE): The Bash tool is used only for git ls-files to inspect the project structure, which is a benign and necessary operation for the skill's workflow.
  • [DATA_EXFILTRATION] (SAFE): No network tools are enabled, and no patterns for exfiltrating sensitive data to external domains were found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 05:04 PM