grove-init
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Persistence Mechanisms (MEDIUM): The skill creates an executable git hook at
.grove/hooks/post-clone. Git hooks are a persistence vector as they execute automatically during git operations. Severity is adjusted because this is the skill's stated purpose. - Command Execution (MEDIUM): The skill executes multiple system commands including
chmod +xandgrove init, and suggests executing build commands based on repository contents. - External Downloads (LOW): Build commands such as
npm run buildorpoetry installare suggested, which typically download packages from external registries. - Dynamic Execution (MEDIUM): The skill writes a script to the file system and subsequently makes it executable using
chmod +x.
Audit Metadata