ln-700-project-bootstrap
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill automates project lifecycle tasks including building code, running tests, and managing containers via docker-compose as part of its core bootstrapping functionality.
- [EXTERNAL_DOWNLOADS]: Orchestrates package installation through standard managers such as npm, dotnet, and pip to set up project dependencies during transformation and creation.
- [CREDENTIALS_UNSAFE]: Includes a dedicated security phase (Phase 1, Step 5 via ln-760) specifically designed to detect and flag hardcoded secrets in the project being bootstrapped.
- [DATA_EXFILTRATION]: No unauthorized data transmission or suspicious network activity detected; network usage is limited to standard package management and local health checks.
- [PROMPT_INJECTION]: The skill uses a structured multi-phase workflow with explicit user confirmation steps, reducing the risk of unauthorized instruction overriding.
Audit Metadata