boilerplate-genie

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding categories: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill implements 'Rule Injection' by copying harvested coding standards from knowledge/external-wisdom/everything-claude/rules/ into .cursorrules. This creates an indirect prompt injection surface: malicious instructions placed in those source files would be carried into the generated project and could steer the behavior of any agent that reads the resulting .cursorrules. (1) Ingestion points: knowledge/external-wisdom/everything-claude/rules/. (2) Boundary markers: absent. (3) Capability inventory: file-write access across the project directory. (4) Sanitization: absent.
  • [DATA_EXFILTRATION] (LOW): The 'Knowledge Protocol' processed by this skill handles the 'Confidential' and 'Personal' knowledge tiers and specifically mentions 'secrets'. No network exfiltration is observed in the static files, but reading and processing secrets during scaffolding is itself a significant data exposure risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:49 PM