nutmeg-init
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is entirely consistent with its stated purpose of initializing a user profile. It uses standard interaction patterns to gather and store configuration data.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it stores unsanitized user input in a configuration file (.nutmeg.user.md) intended for consumption by other skills. This is a common pattern for configuration tools and is considered safe in this context.
- Ingestion points: User responses regarding analytics experience and preferred tools are captured via AskUserQuestion and stored in the profile (SKILL.md).
- Boundary markers: The skill defines a markdown/YAML structure for the profile but does not specify delimiters or escaping for the user-supplied values (SKILL.md).
- Capability inventory: The skill uses Read and Write tools to manage the project configuration (SKILL.md).
- Sanitization: There are no instructions for validating or sanitizing the input provided by the user (SKILL.md).
Audit Metadata