project-init
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the `Bash` tool to perform project setup and maintenance tasks.
  - Evidence:
    - Executes environment and code quality checks using tools like `uv`, `ruff`, `mypy`, and `pytest`.
    - Interacts with the GitHub CLI (`gh`) to check authentication status, refresh tokens, and manage project boards.
    - Runs various hygiene tools including `gitleaks` for secret scanning, `shellcheck` for script linting, and `actionlint` for GitHub Actions validation.
    - Orchestrates paper-specific workflows using `tex-fmt` and custom check scripts.
- [EXTERNAL_DOWNLOADS]: The skill downloads an external template repository to initialize the slides component.
  - Evidence:
    - Executes `git clone https://github.com/a-green-hand-jack/progress-slides.git` to fetch a slide deck template from the author's own repository.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes user-provided summaries and interacts with existing code/paper repositories.
  - Ingestion points: User-provided research summaries (Step 1) and content from existing repositories when connected (Step 5) are ingested into the agent's context.
  - Boundary markers: The skill uses structured YAML files (`memory/project.yaml`) and dedicated markdown guidance files (`AGENTS.md`, `CLAUDE.md`) to define operational boundaries and project-specific policies.
  - Capability inventory: The agent has access to `Read`, `Write`, `Edit`, `Bash`, and `Glob` tools across the project root and component repositories.
  - Sanitization: No explicit automated sanitization of external data is mentioned; security relies on the agent adhering to the instructions provided in the guidance files and human review of generated diffs.
Audit Metadata