init-deep
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes bash commands (e.g.,
find,wc,awk,sed) to perform structural analysis of the local project directory. These operations are used to determine where documentation is needed based on directory complexity and are restricted to standard local utilities.\n- [DATA_EXPOSURE]: The skill identifies and reads project-level configuration files (e.g.,.eslintrc,pyproject.toml) and existing documentation to extract relevant project conventions. This process is restricted to standard project files and does not target sensitive user credentials or environment variables.\n- [PROMPT_INJECTION]: The skill possesses a potential surface for indirect prompt injection as it ingests untrusted project data to generate summaries.\n - Ingestion points: The skill reads existing
AGENTS.md,CLAUDE.md, and project source files (SKILL.md) to preserve context during regeneration.\n - Boundary markers: None present. The agent processes file content without explicit delimiters warning it to ignore embedded instructions.\n
- Capability inventory: The skill uses
bashfor analysis and theWriteandEdittools for creating documentation files.\n - Sanitization: None. The content read from files is summarized and written back to the project as markdown documentation.
Audit Metadata