c15t
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes external documentation from an untrusted source but implements a robust defense-in-depth strategy.
  1. Ingestion points: Fetches llms.txt and markdown files from https://v2.c15t.com.
  2. Boundary markers: Uses explicit [BEGIN UNTRUSTED_DOC] and [END UNTRUSTED_DOC] tags.
  3. Capability inventory: Skill can read local config files and execute pinned CLI commands.
  4. Sanitization: Strictly instructs the agent to treat docs as facts only and ignore any embedded operational instructions.
- Command Execution (SAFE): The skill facilitates the use of the @c15t/cli tool for project setup. It mitigates execution risks by requiring the agent to pin the exact version (avoiding @latest) and obtain explicit user confirmation before running any npx or dlx commands.
- Data Exposure (SAFE): Local file access is limited to a 'quick local probe' of project manifests (package.json) and lockfiles to understand integration state, which is a standard and safe practice for developer tools.