cursor-rules-writing
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational content, templates, and reference materials for Cursor IDE configuration. Analysis of the instructions and examples across all five files found no evidence of malicious patterns such as prompt injection, data exfiltration, or unauthorized command execution.
- [COMMAND_EXECUTION]: The skill mentions various shell commands (e.g.,
mkdir,touch,ls,find,grep,wc,awk). These are used exclusively for local project file management and validating glob patterns, which is standard behavior for development-oriented skills. - [CREDENTIALS_UNSAFE]: Guidelines for configuration and environment variables follow security best practices. The skill explicitly advises users NOT to commit secrets and to use environment variables instead, providing examples of secure validation patterns.
- [EXTERNAL_DOWNLOADS]: No automated external downloads or remote script executions (e.g.,
curl | bash) are present. External links provided in the documentation point to legitimate technical references such as official Cursor documentation, the YAML specification, and Wikipedia.
Audit Metadata