project-initializer
Audited by Socket on Feb 28, 2026
1 alert found:
Security: This skill is a project scaffolding/initializer with expected capabilities: interactive questions, web searches for versions, invoking official scaffold CLIs, installing packages, configuring files, git commits, and generating rule files under .claude/skills/. I find no direct signs of malware, hardcoded credentials, obfuscated payloads, or explicit exfiltration to attacker-controlled endpoints. Primary risks are operational: (1) command execution and filesystem writes are high-impact if performed autonomously without clear per-action confirmation; (2) auto-generating .claude/skills increases the transitive trust surface if those generated skills are later executed or shared; and (3) reliance on web search results to craft commands/config raises prompt-injection risk if humans follow unverified web instructions. Recommend enforcing strict user confirmation before each execution step, validating sources for web-sourced instructions, and ensuring generated .claude skills are reviewed before being loaded or published.