agent-init
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes a template that fetches the latest Go version from the official go.dev website. This is a neutral operation from a well-known service.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted project files (source code, READMEs, CI configs) to derive build commands and constraints. While it includes a manual confirmation step for the user to review findings, there is an inherent risk that malicious instructions in the analyzed files could attempt to influence the generated Makefile or documentation.
- [COMMAND_EXECUTION]: The skill utilizes standard development tools such as git, make, and go to analyze repository state and execute confirmed build or test targets. These operations are consistent with the skill's primary purpose of project initialization and maintenance.
Audit Metadata