meta-initialization
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from project files (README.md, configuration files) to automate methodology selection, creating a surface for indirect prompt injection. Ingestion points: Project root files (e.g., ../README.md). Boundary markers: None identified in the scanning logic. Capability inventory: Filesystem writes, directory creation, and shell script generation. Sanitization: Not specified for the content extracted during scanning.
- [COMMAND_EXECUTION]: The skill scaffolds bash and PowerShell scripts (export-docs.sh and export-docs.ps1) for aggregating generated documents. These scripts use standard system commands like find and cp to organize files within the initialized project directory.
Audit Metadata