template-initialization

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple local scripts and system commands to perform its tasks.
      • Evidence: Executes node scripts/init-template.mjs, scripts/discover-skills.mjs, pnpm run lint, and pnpm test.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs third-party tools during the initialization process.
      • Evidence: Invokes uvx to install specify and specify-extend for GitHub Copilot integration.
  • [REMOTE_CODE_EXECUTION]: By using uvx to fetch and run packages, the skill executes code downloaded from external package registries at runtime.
      • Evidence: Commands uvx specify --ai copilot and uvx specify-extend --agent copilot download and execute external payloads.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user data in a powerful execution context.
      • Ingestion points: The description input provided by the user (SKILL.md).
      • Boundary markers: Absent; user input is passed to scripts/discover-skills.mjs without explicit delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill can execute arbitrary shell commands (zx, node, uvx, pnpm) and modify local files (package.json, README.md).
      • Sanitization: Absent; no evidence of validation or filtering for the project description before it is used for skills discovery.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 06:47 PM