init-agent-config

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local shell scripts (scripts/audit-agents-md.sh and scripts/scaffold-agents-md.sh) to perform read-only audits and generate file skeletons. These operations are restricted to the local filesystem and include safety checks, such as refusing to overwrite existing files without explicit configuration.
  • [DATA_EXFILTRATION]: During the discovery and audit phases, the skill reads repository configuration files (e.g., package.json, README.md, Makefile) to extract architectural patterns and verified commands. This data is used internally to generate documentation and is not transmitted to external servers.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes untrusted data from the repository's existing instruction files and documentation. It mitigates this risk through a multi-wave discovery process and strict requirements for the agent to verify all commands and paths against the actual filesystem.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions for generating adapters for well-known services like GitHub Copilot, Devin, and Greptile. These references are documented neutrally and are part of the skill's intended functionality for cross-platform compatibility.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 10:40 PM
Security Audit — agent-trust-hub — init-agent-config