python-initializr
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches a standard .gitignore configuration from GitHub's official repository. \n
- Evidence:
curl https://raw.githubusercontent.com/github/gitignore/refs/heads/main/Python.gitignore -o .gitignorein SKILL.md Step 5. \n - Context: Targets a well-known service (GitHub) to retrieve a standard template for version control; this is a safe operation and the automated scan's claim of execution is verified as a false positive as the file is only saved to disk. \n- [COMMAND_EXECUTION]: Executes system commands to initialize the project environment and verify configuration. \n
- Evidence: Uses
uv init,uv add,uv sync,uv run, andgitcommands throughout SKILL.md. \n - Context: These operations are standard for the skill's purpose of project bootstrapping and are executed within the local project context. \n- [PROMPT_INJECTION]: Includes a surface for indirect prompt injection via project metadata. \n
- Ingestion points:
project_nameandproject_descriptionin SKILL.md. \n - Boundary markers: Absent in the templates and shell commands. \n
- Capability inventory: The skill has file-write capabilities and the ability to execute subprocesses via
uv run. \n - Sanitization: No explicit sanitization is performed on the user-provided variables before interpolation. \n
- Context: This represents a standard surface for template-generation skills; given the primary purpose of the skill and its local scope, the risk is negligible.
Audit Metadata