creative-init

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to create project directories (e.g., using mkdir -p). This behavior is consistent with the stated purpose of a project initialization tool and uses absolute paths for directory management.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests user-provided data and incorporates it into project templates using variable substitution (e.g., {{专案名称}}). This represents a potential indirect injection surface if downstream skills process these files without validation.
  • Ingestion points: User answers collected during project setup (Step 2) and configuration data from domain.yaml and init-guide.md (Step 4).
  • Boundary markers: None identified. The skill performs direct variable replacement without specific delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill can create directories via Bash and perform file-write operations across the project structure.
  • Sanitization: No explicit sanitization or validation of user input is documented before the data is written to the project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 11:54 PM
Security Audit — agent-trust-hub — creative-init