init
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches Python dependencies from official package registries using the uv tool during the project build and verification process.
- [COMMAND_EXECUTION]: Runs local shell commands via a justfile, including building, testing, and linting the generated application code to verify its integrity.
- [COMMAND_EXECUTION]: Performs Git initialization and manages GitHub repository creation, which involves network communication and the use of environment credentials for repository hosting.
- [PROMPT_INJECTION]: Ingests arbitrary text from $ARGUMENTS to guide project configuration and code generation, which represents a surface for indirect prompt injection. Evidence: 1. Ingestion points: $ARGUMENTS in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: File system writes, subprocess execution via just, and network operations via git/gh. 4. Sanitization: Absent.
Audit Metadata