wt-setup
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses various shell commands including
wt,git,find, andcargoto manage tool configuration and perform validation tasks. - [COMMAND_EXECUTION]: Instructions include executing a local installer script (
~/dotfiles/install.sh) and running tests viacargo, which are standard for development and setup of the 'wt' environment. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it reads and acts upon data from untrusted files within a repository (e.g.,
README.md,.wt.toml) to determine configuration changes. - Ingestion points: Reads from repository files such as
README.md,docs/consistency.md,.wt.toml,config.toml, andprofile.toml. - Boundary markers: No specific delimiters or instructions to ignore embedded commands in these external files are present.
- Capability inventory: The skill can execute shell commands (
wt,git,cargo) and modify configuration files based on the processed data. - Sanitization: No sanitization or integrity checks for the content of external files are mentioned.
Audit Metadata