project-agent-writer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill operates locally within the project workspace, focusing on generating markdown-based agent templates and enforcing project-relative output paths.
- [COMMAND_EXECUTION]: The skill utilizes a local Node.js script, scripts/init_agent.cjs, to automate the creation of agent instruction files. This script performs simple template rendering using built-in modules without executing user-provided data as code or performing network operations.
- [PROMPT_INJECTION]: While the skill processes natural language input to design agents, the included test suite in evals/evals.json demonstrates a proactive security posture by including test cases for prompt injection, Unicode homoglyphs, and evidence spoofing to ensure generated agents remain restricted and objective.
Audit Metadata