django-project-setup
Fail
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill downloads and executes the installation script for 'uv' (a well-known Python package manager) from 'astral.sh' using a pipe-to-shell pattern (curl | sh). This is a common installation method for this tool.
- [COMMAND_EXECUTION]: The skill performs dynamic execution of generated content. It writes Python scripts (settings, models, tests) and subsequently executes them through uv run python manage.py and pytest. This is the intended primary purpose of the project setup skill.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. User-provided inputs, such as the project_name argument and the first_app_name collected via AskUserQuestion, are interpolated directly into shell commands (uv init, mkdir, startapp) and file templates without explicit sanitization or boundary markers.
  - Ingestion points: project_name argument and first_app_name variable.
  - Boundary markers: None present in the command templates.
  - Capability inventory: File system creation (mkdir), project initialization (uv init), and execution of generated Python code (uv run).
  - Sanitization: No sanitization logic is defined for user-provided names.
Recommendations
- HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata