setup-initiative
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown-based instructions for an AI agent and does not include any scripts, binaries, or executable code blocks.
- [SAFE]: The operations described involve creating local directory structures and templating README files based on user-provided metadata, which are standard project management tasks.
- [PROMPT_INJECTION]: No evidence of malicious instructions, jailbreak attempts, or safety filter bypasses was found in the content.
- [DATA_EXFILTRATION]: The skill does not request any network operations or access to sensitive system paths like credentials or SSH keys.
- [COMMAND_EXECUTION]: No shell commands, subprocess spawning, or system-level executions are present in the skill definition.
- [SAFE]: Regarding indirect prompt injection, the skill ingests user input (initiative details) in SKILL.md and lacks explicit boundary markers or sanitization; however, its capabilities are strictly limited to file system organization within the local workspace, posing no significant security risk.
Audit Metadata