init-public-rules
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection by incorporating content from local project files into generated documentation.\n
- Ingestion points: The skill reads files like package.json, pom.xml, and README.md during the automated analysis phase.\n
- Boundary markers: No specific delimiters or 'ignore' instructions are provided to the agent when processing these files.\n
- Capability inventory: The skill has the ability to write files (AGENTS.md, CLAUDE.md) and execute shell commands for directory listing.\n
- Sanitization: There is no evidence of sanitization or escaping of the content read from external files before it is used in templates.\n- [EXTERNAL_DOWNLOADS]: The skill performs an automated update check by fetching a manifest from the author's GitHub repository at raw.githubusercontent.com/dev-goraebap/agent-collab. This targets a well-known service for a legitimate maintenance purpose.\n- [COMMAND_EXECUTION]: The workflow involves running filesystem inspection commands such as ls and tree to determine the project's directory structure.
Audit Metadata