Skills
skills/dev-goraebap/agent-collab/init-project-rules/Gen Agent Trust Hub

init-project-rules

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, data exfiltration, or unauthorized credential access were detected. The skill's operations are confined to the local project environment.
  • [COMMAND_EXECUTION]: Uses common directory listing and file system discovery tools (ls, tree) to identify project components and configuration files for analysis.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by reading untrusted project files to inform documentation generation.
  • Ingestion points: Reads content from files such as package.json, pom.xml, and README.md (SKILL.md, Step 1).
  • Boundary markers: Absent.
  • Capability inventory: Has the ability to create or modify local documentation files including AGENTS.md and bridge files (SKILL.md, Step 3, 4).
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 12:13 PM
Security Audit — agent-trust-hub — init-project-rules