customize
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs its described function of local file customization without engaging in unauthorized network access, data exfiltration, or privileged command execution.
- [COMMAND_EXECUTION]: The skill employs a restricted bash command (grep) solely for the purpose of validating that all template markers have been correctly replaced with project details.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. 1. Ingestion points: user responses to AskUserQuestion and the $ARGUMENTS variable in SKILL.md. 2. Boundary markers: The skill uses HTML comments to locate insertion points. 3. Capability inventory: The skill can Write and Edit project files, and execute Bash(grep*) for validation. 4. Sanitization: No explicit sanitization of user-provided strings is performed before writing to configuration files.
Audit Metadata