skills/owainlewis/blueprint/bootstrap/Gen Agent Trust Hub

bootstrap

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell command execution to install and manage system-level development tools, including Homebrew (brew install), uv, and bun. It also handles directory creation and git initialization.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and execution of external scaffolding tools, specifically invoking npx create-next-app@latest to generate TypeScript projects and using uv or bun update mechanisms.
  • [REMOTE_CODE_EXECUTION]: The skill executes external code by running npx create-next-app@latest and performs self-updates for the uv and bun package managers.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection risk by reading an external configuration file (~/.claude/STACK.md) and allowing its content to override default instructions.
  • Ingestion points: The skill reads settings from ~/.claude/STACK.md if the file exists.
  • Boundary markers: No delimiters or ignore embedded instructions warnings are present when the agent processes the file content.
  • Capability inventory: The skill possesses the capability to execute shell commands (brew, uv, bun, npx, git) and write files to the system.
  • Sanitization: There is no evidence of validation or sanitization for the content ingested from the external configuration file.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 10:52 AM
Security Audit — agent-trust-hub — bootstrap