create-legacy-command
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [SAFE]: The skill's primary function is the local generation of project scaffolding and configuration files. It does not perform unauthorized network operations, exfiltrate data, or attempt to bypass system permissions.
- [PROMPT_INJECTION]: The skill ingests user-provided names and descriptions to populate file templates, which represents a surface for indirect prompt injection. However, the risk is mitigated by the tool's intended use-case as a developer utility and the presence of evaluation criteria in
evals/evals.jsonthat specifically test the agent's ability to identify and reject malicious input such as script injections or illegal characters. - [REMOTE_CODE_EXECUTION]: The skill generates Python scripts (
templates/execute.py.jinja) and markdown-based command logic. This code generation is handled locally using trusted templates and does not involve the download or execution of scripts from external or untrusted sources.
Audit Metadata