ai-kickoff
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [GENERAL] (SAFE): This skill functions as a code generator and project scaffolder. It provides templates for Python files (main.py, program.py, server.py, etc.) to help users bootstrap AI applications with DSPy.- [CREDENTIALS_UNSAFE] (SAFE): No real credentials or API keys are present. The .env.example file contains a safe placeholder 'your-api-key-here'.- [EXTERNAL_DOWNLOADS] (SAFE): The skill suggests standard, well-known Python packages (dspy, fastapi, uvicorn) in a requirements.txt file but does not initiate any downloads or installations itself.- [COMMAND_EXECUTION] (SAFE): The skill contains no shell commands or subprocess calls. The '$ARGUMENTS/' notation is a placeholder for a local directory name provided by the user.- [INDIRECT_PROMPT_INJECTION] (LOW): The generated FastAPI server (server.py) accepts user input through a QueryRequest model. This is an inherent part of building an AI API and does not represent a malicious injection within the skill's own logic.
Audit Metadata