doc-bootstrapping
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is designed to write a 'Charter' to
.agent/rules/rule-one.md. In common AI agent environments, this file acts as a persistent set of instructions (a 'Constitution') that the agent must follow across all sessions within that project. While the provided template contains benign development practices, this mechanism modifies the agent's long-term behavior and configuration. - [DATA_EXPOSURE] (SAFE): The
resources/memory-template.mdfile contains a hardcoded absolute file URL (file:///d:/Projects/Letaice/...). This is a remnant of the author's local development environment. While it exposes the author's directory structure, it does not pose a security risk to the user or access any sensitive system files. - [COMMAND_EXECUTION] (SAFE): The skill performs standard file system operations such as directory creation (
mkdir) and file writing (write_file) to set up the documentation structure. No arbitrary or high-risk shell commands were detected.
Audit Metadata