folder-structure-blueprint-generator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is composed entirely of markdown instructions and configuration variables. There are no associated scripts (Python, Node.js), binaries, or shell commands included in the package.
- [PROMPT_INJECTION]: The skill uses an 'Initial Auto-detection Phase' to scan project files (such as package.json, requirements.txt, and .sln). While processing untrusted project files is a known surface for indirect prompt injection, the skill itself does not contain malicious instructions, and the risk is inherent to the task of file analysis.
- [DATA_EXFILTRATION]: Although the skill directs the agent to scan project directory structures and configuration metadata, it does not include any network operations (curl, wget, or API calls) to exfiltrate this information. The analysis is limited to local project documentation generation.
- [COMMAND_EXECUTION]: No shell commands or subprocess calls are defined within the skill. All analysis is intended to be performed by the LLM using its internal reasoning capabilities based on the provided file structure.
Audit Metadata