startproject

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes external CLI tools, specifically gemini and codex, to perform codebase analysis and architectural design tasks. The Architect subagent is instructed to use codex exec with a --full-auto flag and a --sandbox read-only constraint to process architectural questions.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted data from the local codebase.
      • Ingestion points: Untrusted data enters the agent context in SKILL.md when the gemini CLI tool analyzes the codebase and saves the findings to .claude/docs/research/{feature}-codebase.md.
      • Boundary markers: The skill does not implement explicit boundary markers or delimiters to separate analyzed codebase content from agent instructions in subsequent phases.
      • Capability inventory: The skill has the capability to write files (via SKILL.md instructions for Researcher and Architect) and execute CLI commands (gemini, codex).
      • Sanitization: There is no evidence of sanitization or filtering of the codebase content before it is used to prompt the Researcher and Architect agents in Phase 2.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 06:58 AM