project-scripts
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill logic generates and executes shell scripts to manage project lifecycles. The script
scripts/bootstrap.shcreates executable bash scripts on the local filesystem and applieschmod +xto them. Additionally, documentation inreferences/adapters.mdnotes that runtime configuration values may be passed toevalfor execution. - [DATA_EXFILTRATION]: The skill targets sensitive environment configuration files for access. Both
scripts/bootstrap.shand the templates inreferences/ecosystem-templates.mdcontain instructions to copy or symlink files such as.env,.env.local, and.dev.varswhich typically contain secrets. - [REMOTE_CODE_EXECUTION]: The skill scaffolds scripts that invoke standard package managers including
npm,pnpm,bun,uv, andcargoto download and install dependencies from official remote registries. - [EXTERNAL_DOWNLOADS]: The skill integrates with the
misetool to manage development runtimes, using commands likemise installto download and configure software from well-known external sources.
Audit Metadata