python-development-python-scaffold
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted input to generate project structures.
  - Ingestion points: User requirements and project metadata enter the agent context through the `$ARGUMENTS` placeholder in `SKILL.md`.
  - Boundary markers: Absent; the skill lacks delimiters or specific instructions to the agent to ignore potentially malicious instructions embedded within user input.
  - Capability inventory: The skill instructions include executing shell commands (`uv`, `git`, `django-admin`) and performing file system writes (creating project structures, writing `pyproject.toml` and `.env.example`).
  - Sanitization: Absent; there is no logic provided within the skill to sanitize or escape user-provided strings before they are interpolated into commands or file content.
- [COMMAND_EXECUTION]: The skill directs the agent to perform shell operations for project initialization, such as `uv init` and `git init`. While these are standard development workflows, the use of user-supplied variables (like project names) in these commands requires the agent to implement its own security boundaries to prevent shell command injection.
Audit Metadata