just-init

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use shell utilities like grep and head to determine docstring boundaries within files. While the pattern is specific to line counting, executing shell commands on local project files is a capability that requires monitoring.
  • [PROMPT_INJECTION]: The skill establishes a pattern for indirect prompt injection by teaching the agent to treat __init__.py docstrings as a "docstring tree" to "decide which files to explore next." If the agent processes a malicious or compromised repository, instructions embedded in these docstrings could redirect the agent to specific files or override its navigation logic.
      • Ingestion points: The contents of __init__.py files across the codebase (SKILL.md).
      • Boundary markers: Absent. The skill does not define delimiters or instructions to ignore executable directives within the docstrings.
      • Capability inventory: Use of grep and head via shell, file reading, and file writing (docstring updates).
      • Sanitization: None. The skill does not validate or filter the content of the docstrings before the agent uses them for decision-making.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 06:26 PM