project-init

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs state assessment and verification by executing local Node.js scripts.\n
  • Evidence: Several node -e commands in SKILL.md (e.g., Phase 0 and Phase 4) execute logic from scripts located in ./.claude/hooks/lib/.\n- [PROMPT_INJECTION]: The skill ingests data from project files (documentation, specs, and config) to drive its workflow, creating an indirect prompt injection surface.\n
  • Ingestion points: The skill is instructed to read docs/project-config.json, docs/project-reference/docs-index-reference.md, and Feature Specs in docs/specs/.\n
  • Capability inventory: The skill can execute shell commands (git, node) and spawn sub-agents based on the state discovered in these files.\n
  • Boundary markers: The instructions specify explicit routing for loading documents but lack mention of sanitization for the content processed from these external files.\n
  • Sanitization: No explicit sanitization or filtering of external content is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 06:08 PM
Security Audit — agent-trust-hub — project-init