project-setup

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform administrative tasks including git initialization, directory creation, and dependency installation via npm, pnpm, yarn, poetry, and pip.
  • [EXTERNAL_DOWNLOADS]: Fetches boilerplate configurations and integrates with services from trusted organizations including GitHub and Datadog.
  • [PROMPT_INJECTION]: The skill monitors existing file structures in the ~/Code directory for configuration details, which creates a surface for indirect prompt injection if those local files contain malicious instructions.
      • Ingestion points: Reads files and directory metadata from the user's local ~/Code path.
      • Boundary markers: No specific delimiters or warnings are used to prevent the agent from following instructions embedded in the scanned files.
      • Capability inventory: The agent is granted access to high-impact tools including Bash, Read, Write, and Edit.
      • Sanitization: There is no evidence of content sanitization or validation for data retrieved from the local filesystem.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 04:45 AM