project-scaffolder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override agent behavior or bypass safety filters were found in the skill definitions or templates.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive system paths or hardcode credentials. It is entirely focused on generating skeleton code structure.
- [Remote Code Execution] (SAFE): While the skill mentions package managers like npm and pip in its templates, it does not execute them or download remote scripts during runtime.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input to define project names and stack preferences, creating a surface for potential instruction injection.
- Ingestion points: User-specified tech stack and project name in SKILL.md.
- Boundary markers: Absent; user input is directly interpolated into the scaffolding workflow.
- Capability inventory: File and directory creation for the scaffolded project.
- Sanitization: No explicit sanitization or validation of user-provided strings is defined.
Audit Metadata