dev-kit-init
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from the workspace to generate documentation and trigger secondary research tasks, creating a surface for adversarial content to influence the agent.
- Ingestion points: Scans project files including README, package.json, src/, infra, requirements.txt, and go.mod (SKILL.md).
- Boundary markers: Absent; there are no instructions for the agent to disregard instructions embedded within the ingested files.
- Capability inventory: Performs file-system writes to the .dev-kit/docs/ directory and automatically triggers the /dev-kit.research skill based on extracted data.
- Sanitization: Absent; tech stack names and versions are extracted directly and used as arguments for subsequent skill calls.
Audit Metadata