Skills
skills/nsantini/gsdl/gsdl-setup-project/Gen Agent Trust Hub

gsdl-setup-project

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed for workspace organization and operates exclusively within a hidden subdirectory.
  • [COMMAND_EXECUTION]: Uses the 'mkdir' command to establish project folders. The command usage is legitimate, local-only, and follows safe patterns for directory creation.
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by creating the 'seed.md' file which ingests raw user input for later use by other skills. 1. Ingestion points: The 'seed.md' file created in the project setup. 2. Boundary markers: None present to delimit user input from future instructions. 3. Capability inventory: Directory and file creation via shell commands. 4. Sanitization: No sanitization is performed on the created file's path or projected content. This is considered a low-risk architectural pattern inherent to the skill's purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 10:16 PM