skills/coderfee/ai/init-agent/Gen Agent Trust Hub

init-agent

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (ln -s on Linux/macOS or New-Item on Windows) to create symbolic links between documentation files. It specifically requests the use of "PowerShell 管理员模式" (Administrator mode) on Windows to perform these operations.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted content from various project configuration files to generate instructions for other AI agents.
    • Ingestion points: The skill scans package.json, pyproject.toml, go.mod, Cargo.toml, composer.json, Makefile, and Dockerfile to identify the tech stack and project structure.
    • Boundary markers: The provided AGENTS.md template does not utilize specific delimiters or escape sequences to isolate data extracted from configuration files from the rest of the instruction set.
    • Capability inventory: The skill has the capability to read local files, write new documentation files, and execute shell commands to create symbolic links.
    • Sanitization: There is no mention of sanitizing or validating the content retrieved from project configuration files before it is incorporated into the generated AI instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 02:24 AM