solo-setup
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to manage directories during the setup process. Evidence: Executes 'mkdir -p docs' to ensure the target directory exists before writing the workflow configuration.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it relies on content from untrusted external files to guide its logic and output generation. Ingestion points: Reads content from project files including CLAUDE.md, docs/prd.md, package.json, pyproject.toml, and various linter configuration files. Boundary markers: Absent. There are no delimiters or instructions to ignore potential commands embedded within the processed project files. Capability inventory: The skill utilizes Bash for shell execution and the Write and Edit tools for filesystem modification. Sanitization: Absent. There is no evidence of content validation or filtering before the data is used to generate the docs/workflow.md file or update project documentation.
Audit Metadata