skills/codervisor/forge/bootstrap/Gen Agent Trust Hub

bootstrap

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill generates an AGENTS.md file designed to provide persistent instructions to AI agents working within the scaffolded project, and it fills that file by template interpolation of user-supplied values, which is a surface for indirect prompt injection.
  • Ingestion points: User-provided strings such as {{PROJECT_NAME}}, {{NPM_SCOPE}}, and {{REPOSITORY_URL}} are collected as described in Step 1 of SKILL.md and injected into multiple template files.
  • Boundary markers: The templates do not use delimiters or escape sequences that separate user-provided data from instructional or configuration content, so an agent reading the generated files cannot tell the two apart.
  • Capability inventory: During the verification phase, the bootstrap process grants the agent the ability to execute environment-altering commands such as pnpm install, pnpm build, and cargo check.
  • Sanitization: There is no evidence that the user-provided strings are validated or sanitized before they are written to the project's root configuration files.
  • [COMMAND_EXECUTION]: SKILL.md and references/checklist.md give the agent explicit instructions to execute shell commands: installing dependencies via pnpm install, compiling code with cargo check, and running TypeScript scripts through tsx to sync versions and validate configurations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 07:05 AM