init-project
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill runs bundled bash scripts (`init-skeleton.sh` and `init-research-profile.sh`) to create directories and boilerplate configuration files. These operations are local, idempotent, and transparent.
- [INDIRECT_PROMPT_INJECTION]: During the project documentation phase, the skill reads existing local files (such as `README.md` or `package.json`) to draft sections for `CLAUDE.md`. While this exposes the agent to potentially untrusted content within those files, the workflow requires the agent to present a draft and obtain explicit user confirmation via `AskUserQuestion` before writing any changes, which serves as an effective control.
- [PRIVILEGE_ESCALATION]: The setup script applies executable permissions (`chmod +x`) to a generated local hook script. This is an expected operation for installing developer tools and does not represent a security risk as the script is created locally from a known template.
Audit Metadata