deepinit
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
.agent-skills/deepinit/scripts/validate_agents_hierarchy.py) to verify the parent-child relationships within the generated documentation. The script uses standard Python libraries (pathlib, re, sys) and operates strictly on the local file system to check for formatting and path resolution. - [PROMPT_INJECTION]: The skill reads the content of project files and existing AGENTS.md files to generate summaries and merge updates. This creates a surface for indirect prompt injection if the project being documented contains malicious instructions. However, the skill uses structured markdown templates and specific preservation markers (e.g.,
<!-- MANUAL: -->) which act as natural boundaries. - Ingestion points: Reads all files in the directory during analysis (SKILL.md Step 3) and existing AGENTS.md content (SKILL.md Step 4).
- Boundary markers: Uses template structures and explicit manual markers to separate generated content from manual notes.
- Capability inventory: File system read and write access across the project directory.
- Sanitization: No specific sanitization or escaping of file content is described before interpolation into the AGENTS.md template.
Audit Metadata