project-scaffolding
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No patterns were detected that attempt to override agent instructions, bypass safety filters, or extract system prompts.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation from well-known services and technology providers, including Apache, Harness, Helm, and Terraform. These references are for documentation purposes and do not involve untrusted remote code execution.
- [INDIRECT_PROMPT_INJECTION]: The skill includes logic for detecting project types by reading metadata files from the local environment.
- Ingestion points: Project-specific files such as
package.json,pom.xml, andgo.modin the root directory. - Boundary markers: None identified; the agent parses these files based on standard structures.
- Capability inventory: The skill uses tools for file system manipulation (Read, Write, Edit, Glob) and command execution (Bash, Task).
- Sanitization: There is no explicit sanitization of data read from configuration files before it is used to determine project type or scaffolding steps.
Audit Metadata