Skills
skills/bernieweb3/hackathon-ai-devkit/hackathon-repo-bootstrap/Gen Agent Trust Hub

hackathon-repo-bootstrap

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill generates setup commands that instruct users to download and install third-party dependencies using standard package managers like npm and pip.
  • [COMMAND_EXECUTION]: The skill provides a structured sequence of shell commands for project initialization, environment setup, and local server execution.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by using untrusted user inputs to generate executable code and configuration files.
  • Ingestion points: The mvp_features and project_title inputs are ingested and used to populate the project scaffold described in SKILL.md.
  • Boundary markers: Boundary markers are absent; the skill does not use specific delimiters or instructions to treat input data as non-executable text.
  • Capability inventory: The skill produces shell commands in startup_commands and executable code snippets in llm_routing_scaffold and database_scaffold within SKILL.md.
  • Sanitization: Sanitization is absent; the skill does not perform validation or escaping of input data before interpolating it into the generated output templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 06:06 AM