newproject
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill performs various shell operations to initialize repositories (`git init`), manage tags (`git tag`), and configure GitHub repository settings via the `gh` CLI (e.g., branch protection, workflow permissions).
- [EXTERNAL_DOWNLOADS]: The skill installs widely-used development and linting tools (such as ESLint, Prettier, Ruff, and Commitlint) from official package registries like NPM and PyPI. It also utilizes official GitHub Actions for CI/CD and security analysis.
- [DATA_EXFILTRATION]: The skill ingests local project files (`package.json`, `README.md`, `go.mod`) to infer project context and tech stack. This data is used locally to guide the setup process; no evidence of exfiltration to unauthorized external domains was found.
- [PROMPT_INJECTION]: The instructions are focused on project scaffolding and do not contain override markers, role-play injections, or instructions to disregard safety filters.
Audit Metadata