dojo-init
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the agent to use sozo init, which downloads a starter template from https://github.com/dojoengine/dojo-starter. The dojoengine organization is not included in the Trusted External Sources list, making this an unverifiable dependency.
- [COMMAND_EXECUTION] (LOW): The skill requires the Bash tool to execute various Dojo CLI commands (sozo, katana). This is a legitimate requirement for the skill's purpose but provides a capability surface for the agent.
- [CREDENTIALS_UNSAFE] (LOW): The provided configuration template for dojo_dev.toml contains a truncated placeholder private key (0xc5b2f...). While clearly intended as a non-functional example for local development, it encourages the practice of placing sensitive credentials in configuration files.
- [PROMPT_INJECTION] (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8).
  - Ingestion points: The skill accepts a user-provided project name (e.g., "Initialize a Dojo game called [name]").
  - Boundary markers: No specific boundary markers or "ignore embedded instruction" warnings are provided in the command templates.
  - Capability inventory: The skill uses Bash for command execution and Write for file creation.
  - Sanitization: The skill does not explicitly define sanitization for the project name variable before it is passed to the Bash tool, which could lead to command injection if an adversarial user provides a malicious name string.
Audit Metadata