initialize-project

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute a variety of standard system commands for project analysis (ls, find, grep, head, git) and environment management (npm, pip, go, cargo, nvm, pyenv, gvm, rustup). These commands are consistent with the skill's primary purpose of project bootstrapping and use well-known, trusted package registries and toolchains.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its analysis of external codebase data.
    • Ingestion points: The agent is instructed to read file names, directory structures, and git history logs in SKILL.md to determine project context.
    • Boundary markers: There are no explicit delimiters or system-level instructions provided to ensure the agent ignores potentially malicious natural language instructions embedded within the codebase being analyzed.
    • Capability inventory: The agent has the capability to execute subprocesses, install packages, and write files, which could be exploited if malicious data from the project influences its logic.
    • Sanitization: The skill does not implement any validation or sanitization of the data retrieved from the local environment before incorporating it into the project documentation or decision-making process.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 06:46 PM