environment-setup
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and analyze potentially untrusted local repository data (such as .env files, documentation, and configuration) without enforcing boundary markers to prevent the agent from executing instructions found within those files.
- Ingestion points: Project files and documentation are read using the Read, Glob, and Grep tools (SKILL.md).
- Boundary markers: Absent; the instructions do not specify delimiters or provide guidance for the agent to treat the content as untrusted data.
- Capability inventory: The skill is allowed to use powerful tools including Bash, Write, and Edit (SKILL.md), which could be leveraged if an agent is successfully steered by malicious file content.
- Sanitization: Absent; the skill does not include steps to validate or escape external data before it is processed.
Audit Metadata