create-new-static-website

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several shell commands to initialize projects, manage git repositories, and configure development environments. Tools used include npx, pnpm, git, gh, and trash.
  • [EXTERNAL_DOWNLOADS]: The skill fetches a project template from a remote repository using npx gitpick. This is consistent with the skill's primary function of scaffolding new projects.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface: it processes user-supplied inputs for project names, repository details, and passwords, which are then interpolated into shell commands.
    • Ingestion points: User inputs for project name, owner, repository, and password in SKILL.md.
    • Boundary markers: Absent.
    • Capability inventory: Subprocess execution via npx, pnpm, git, and gh in SKILL.md.
    • Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 07:07 AM