intent-init
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety filters or override system prompts were identified.
- [Data Exposure & Exfiltration] (SAFE): The skill identifies standard project paths (e.g.,
docs/,specs/) for initialization purposes. There are no attempts to access sensitive system files or exfiltrate data via network requests. - [Remote Code Execution] (SAFE): No external scripts are downloaded or executed. The provided JavaScript snippets are static patterns for file path and content marker detection.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: Scans local project files (README, DESIGN, intent files) in SKILL.md.
- Boundary markers: Relies on
AskUserQuestionfor confirmation before actions. - Capability inventory: File system directory and template creation.
- Sanitization: Not explicitly defined in markdown, but risk is low for local initialization tasks.
- [Persistence & Privilege] (SAFE): No attempts to gain administrative privileges or establish persistence mechanisms were detected.
Audit Metadata