setup-mimas-template
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/scaffold.sh) to automate the creation of the documentation directory structure and copy static template files. This execution is confined to local operations and does not involve remote code downloads.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes untrusted data from the analyzed repository to populate its templates.
  - Ingestion points: Subagents read repository configuration files (e.g., package.json, pyproject.toml), git logs, and existing documentation (README.md).
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when processing the ingested text.
  - Capability inventory: The skill possesses file-writing capabilities and shell script execution permissions.
  - Sanitization: There is no explicit sanitization step described for the data ingested from the repository before it is interpolated into the generated instruction files.
Audit Metadata