create-aptos-project

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands, including npx, aptos init, and npm run, to manage the project lifecycle.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to download and execute the create-aptos-dapp package from the npm registry.
  • [PROMPT_INJECTION]: The skill is potentially vulnerable to indirect prompt injection if user-provided strings (like the project name) are not sanitized before being used in shell commands. The skill mitigates this by instructing the agent to use a specific format (kebab-case).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 05:40 AM