theangry-project-bootstrap
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is restricted to local project organization tasks such as reading context and writing scaffold files.
- [SAFE]: SKILL.md contains explicit guardrails that prohibit the agent from installing packages, creating accounts, or performing network operations.
- [SAFE]: The instructions mandate that sensitive data should not be stored in project files and that all file creations must be proposed and approved first.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads existing documentation (Ingestion points: AGENTS.md, README.md in SKILL.md). While it lacks boundary markers, its capabilities are limited to project scaffolding (Capability inventory: file write), and it requires human review of the proposed scaffold (Sanitization: approval step).
Audit Metadata