Skills
skills/bmad-code-org/bmad-method/bmad-init/Gen Agent Trust Hub

bmad-init

Warn

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to run a local Python script bmad_init.py for project configuration management.
  • [DATA_EXFILTRATION]: The script bmad_init.py constructs file paths for reading and writing configuration using user-controllable module codes without validation. This presents a path traversal vulnerability that could allow access to or modification of files outside the designated project directory.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines an ingestion point for user-provided configuration data via the --answers argument in cmd_write. Boundary markers are provided via agent instructions in SKILL.md. Capabilities include file writing and directory creation. Sanitization is performed using yaml.safe_dump. It establishes a trust boundary where malicious configuration values could influence downstream agent behavior.
  • [SAFE]: The script utilizes yaml.safe_load and yaml.safe_dump to handle configuration data, protecting against unsafe YAML deserialization.
  • [SAFE]: No network access, remote code downloads, or hardcoded credentials were found.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 28, 2026, 08:06 AM
Security Audit — agent-trust-hub — bmad-init