project-init
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUM | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs dynamic command execution in the 'Hooks Installation' section. It attempts to resolve a path to a setup script, including a potential location in a sibling directory ('../full-project-skill/scripts/setup-hooks.sh'), and executes it using the bash interpreter. Executing scripts from outside the immediate project root can be risky in shared environments.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection.
  - Ingestion points: The skill incorporates 'market snapshot' data and user-provided goals into generated documentation.
  - Boundary markers: There are no explicit markers or instructions to isolate or ignore instructions that may be embedded in the market data.
  - Capability inventory: The agent can write to multiple markdown files and execute shell commands via bash.
  - Sanitization: The skill lacks validation or sanitization mechanisms for the external data it processes during project initialization.