project-scaffolder
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Prompt Injection (HIGH): The skill possesses a significant attack surface for Indirect Prompt Injection as it transforms untrusted user input into generated code and configurations with file-system write capabilities.\n
- Ingestion points: User stack specifications and contextual requirements are ingested in SKILL.md (Core Workflow Step 1).\n
- Boundary markers: Absent. The workflow lacks instructions to use delimiters or to treat user input as data rather than potential instructions.\n
- Capability inventory: The skill utilizes extensive file-system write capabilities to create folder structures and baseline code (SKILL.md Steps 3-7).\n
- Sanitization: Absent. There is no logic provided to validate the safety of the generated scripts in package.json or requirements.txt, which could contain malicious commands.
Recommendations
- AI detected serious security threats
Audit Metadata