peach-setup-ui-proto

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various shell commands (ls, cat, grep) to analyze the current project state and uses rm to delete legacy configuration files such as .cursorrules and the .cursor/rules/ directory.
  • [PROMPT_INJECTION]: The skill reads the contents of existing configuration files (CLAUDE.md, AGENTS.md) to identify sections for removal or modification. This represents an indirect prompt injection surface as the content of these files could theoretically influence the agent's logic during the setup process.
    • Ingestion points: Reads CLAUDE.md and AGENTS.md in Step 1 and Step 2.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when reading these files.
    • Capability inventory: The skill has the ability to read files, write files, and delete files/directories via shell commands.
    • Sanitization: There is no evidence of sanitization or validation of the content read from the local files before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 04:07 PM