aos-setup
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs expected configuration tasks, including project stack detection and writing AI instruction files such as .cursorrules and .windsurfrules. These actions align with the stated purpose of the skill and the needs of a project setup utility.
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by populating AI instruction files with content sourced from an external repository. While this is the core function of the skill, it creates a vector where future agent behavior is determined by external, unvalidated instructions.
  - Ingestion points: Content for the instruction files is retrieved from the prompts/ directory of the ArchitectOS repository.
  - Boundary markers: There are no explicit delimiters or warnings mentioned to isolate the imported instructions from system-level logic.
  - Capability inventory: The skill possesses the capability to write multiple configuration files (.cursorrules, .windsurfrules, .github/copilot-instructions.md, .aider.conf.yml).
  - Sanitization: No validation or sanitization of the fetched prompt content is mentioned before it is written to the user's filesystem.
Audit Metadata