skills/akillness/jeo-skills/deepinit/Gen Agent Trust Hub

deepinit

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (.agent-skills/deepinit/scripts/validate_agents_hierarchy.py) to verify the parent-child relationships within the generated documentation. The script uses standard Python libraries (pathlib, re, sys) and operates strictly on the local file system to check for formatting and path resolution.
  • [PROMPT_INJECTION]: The skill reads the content of project files and existing AGENTS.md files to generate summaries and merge updates. This creates a surface for indirect prompt injection if the project being documented contains malicious instructions. However, the skill uses structured markdown templates and specific preservation markers (e.g., <!-- MANUAL: -->) which act as natural boundaries.
  • Ingestion points: Reads all files in the directory during analysis (SKILL.md Step 3) and existing AGENTS.md content (SKILL.md Step 4).
  • Boundary markers: Uses template structures and explicit manual markers to separate generated content from manual notes.
  • Capability inventory: File system read and write access across the project directory.
  • Sanitization: No specific sanitization or escaping of file content is described before interpolation into the AGENTS.md template.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — deepinit