full-stack-scaffold
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Safe] (SAFE): No security threats identified across all 10 threat categories. The skill's logic is purely instructional.
- [Indirect Prompt Injection] (SAFE): The skill has a data ingestion surface where it accepts a 'project type' argument. However, there is no exploitable capability as the scripts only print the input and do not use it in dangerous functions like
evalorsubprocess.run. - Ingestion points:
sys.argv[1]inscaffold_app.pyandprocess.argv[2]inscaffold_app.js. - Boundary markers: Absent.
- Capability inventory: Only
print/console.logstatements. - Sanitization: Not applicable given the limited capabilities.
- [Command Execution] (SAFE): The documentation contains a command to run a local script (
python .agent/skills/...). The script itself is verified to be safe.
Audit Metadata