setup-dry
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's instructions prioritize user oversight, requiring confirmation of project state and approval of all file generation tasks before any changes are committed to the filesystem.
- [COMMAND_EXECUTION]: The skill creates and modifies executable scripts within the .git/hooks directory and GitHub Actions workflows. These actions are legitimate for the stated purpose of establishing pre-commit and CI-level checks and are explicitly disclosed to the user.
- [PROMPT_INJECTION]: The skill identifies the project environment by reading files, creating a surface for indirect prompt injection.
- Ingestion points: Reads project file extensions and configuration files (SKILL.md).
- Boundary markers: Absent; the instructions do not define specific separators or ignore-instructions for the untrusted project data being processed.
- Capability inventory: Writing shell scripts to .git/hooks/, writing YAML to .github/workflows/, and making files executable (SKILL.md).
- Sanitization: No content validation or escaping is specified for the project file content, though the final output is presented for human review.
Audit Metadata