theangry-project-bootstrap

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is restricted to local project organization tasks such as reading context and writing scaffold files.
  • [SAFE]: SKILL.md contains explicit guardrails that prohibit the agent from installing packages, creating accounts, or performing network operations.
  • [SAFE]: The instructions mandate that sensitive data should not be stored in project files and that all file creations must be proposed and approved first.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads existing documentation (Ingestion points: AGENTS.md, README.md in SKILL.md). While it lacks boundary markers, its capabilities are limited to project scaffolding (Capability inventory: file write), and it requires human review of the proposed scaffold (Sanitization: approval step).
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 05:53 PM
Security Audit — agent-trust-hub — theangry-project-bootstrap