create-new-project

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill executes shell and PowerShell scripts to scaffold a new project, which involves running npx and pnpm to download and execute remote CLI tools like shadcn.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Multiple dependencies are downloaded from the npm registry. While packages from vercel and supabase are trusted per policy, other tools like shadcn and various UI libraries are not on the trusted list.
  • [Privilege Escalation] (LOW): The PowerShell script uses -ExecutionPolicy Bypass to circumvent local script execution restrictions.
  • [Indirect Prompt Injection] (MEDIUM): The skill generates a public API route that processes untrusted external JSON data. Evidence: (1) Ingestion point: src/app/api/v1/public/orders/route.ts. (2) Boundary markers: Absent. (3) Capability: Performs database write operations using the high-privilege SUPABASE_SERVICE_ROLE_KEY. (4) Sanitization: Uses zod for schema validation as a mitigation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 08:58 AM