project-init-orchestrator
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform project setup by running shell commands, specifically invoking `python3 scripts/scaffold.py` and executing various package manager operations (npm, pnpm, bun) to initialize environments.
- [REMOTE_CODE_EXECUTION]: The orchestration workflow involves installing third-party Node.js packages and configuring git hooks (Husky) which execute code within the user's local development environment.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it interpolates user-provided data, such as project paths and tech stack choices, directly into shell command arguments without specified validation or sanitization.
- [PROMPT_INJECTION]: Category 8 Evidence Chain: 1. Ingestion points: User-provided project path and tech stack (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Subprocess execution via python3 and package manager commands. 4. Sanitization: None documented.
Audit Metadata