project-starter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect prompt injection surface (Category 8) identified. Evidence:
  1. Ingestion points: Project metadata files including package.json, requirements.txt, and docker-compose.yml.
  2. Boundary markers: Absent.
  3. Capability inventory: Local file reading and interpretation of configuration manifests.
  4. Sanitization: Absent.

  An attacker could place malicious instructions in project file fields (e.g., package descriptions or script names) that the agent might follow during analysis.
- SAFE (SAFE): No other malicious patterns detected. The skill is otherwise well-constructed with explicit prohibitions against accessing sensitive files such as credentials, environment variables, or private keys.