bootstrap-project
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses standard shell commands like `mkdir -p` and `ln -s` to set up project structure and documentation aliases within the user's workspace. These operations are used as intended for repository scaffolding.
- [PROMPT_INJECTION]: The skill reads content from external files like `README.md` and `package.json` to generate an `AGENTS.md` file, which creates a surface for indirect prompt injection.
  - Ingestion points: Files like README.md, package.json, pyproject.toml, and CI configs are read to gather project context.
  - Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions when processing these files.
  - Capability inventory: The skill has the ability to read project files, write new markdown documentation, and initialize git.
  - Sanitization: There is no explicit sanitization of the content extracted from project files before it is written to the new documentation.

  However, since the purpose is to provide context for AI agents, this is considered a low-risk, standard operational behavior.
Audit Metadata