NYC

agent-folder-init

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill provides numerous markdown templates defining 'slash commands' (e.g., /start, /task, /deploy, /scaffold) for Cursor and Claude. These commands define structured interactions and utilize standard development tools (git, npm, aws-cli) for their intended purposes. There is no evidence of malicious command injection or unauthorized access.
  • [REMOTE_CODE_EXECUTION] (SAFE): The skill includes a local Python script scripts/scaffold.py which is executed by the user to initialize projects. Analysis of this script shows it uses standard Python libraries (pathlib, shutil, argparse) to copy template files and perform basic string replacements for placeholders. It does not perform any network requests, download external files, or execute untrusted code.
  • [DATA_EXFILTRATION] (SAFE): No data exfiltration patterns were found. The script and commands operate strictly on the local project root and the user's local AI configuration directory (~/.claude/). There are no calls to external domains or attempts to access sensitive system files like credentials or SSH keys.
  • [PROMPT_INJECTION] (SAFE): The provided templates contain extensive instructions for AI agent behavior. While some use strong instructional language (e.g., 'CRITICAL', 'MANDATORY'), these are used to enforce project-specific coding standards (such as prohibiting 'any' types in TypeScript) and do not attempt to bypass system safety filters or override the agent's core instructions in a malicious way.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill does not define any external dependencies or perform runtime installations of third-party packages. It relies entirely on standard libraries and the files included within the skill package.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:26 PM