project-creator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill collects project-specific information (name, purpose, deliverables) from user input and persists it into project configuration files (CLAUDE.md, README.md, PHASE_TRACKER.md) via template interpolation.
- Ingestion points: User input gathered in Step 1 of the project creation workflow in SKILL.md.
- Boundary markers: Absent; user strings are directly substituted into Markdown templates without delimiters or warnings.
- Capability inventory: Uses standard file-writing tools to create projects and executes local validation scripts via subprocesses.
- Sanitization: No sanitization or validation of user-provided strings is performed before they are written to disk.
- [COMMAND_EXECUTION]: The skill utilizes local Python and Bash scripts for project validation.
- Evidence: SKILL.md and scripts/README.md instruct the agent to execute scripts/validate_project.py and scripts/validate_project.sh.
- Scope: These scripts perform file system checks to ensure project integrity and the presence of required metadata and logging sections.
Audit Metadata