zoe-project-setup

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from idea descriptions and message threads using the probe tool. Malicious instructions embedded in these external sources could attempt to influence the agent's behavior during the project setup process.
    • Ingestion points: External data enters the agent context via probe idea get and probe message list (SKILL.md).
    • Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded commands within the ingested data.
    • Capability inventory: The skill has significant capabilities, including gh repo create, gh api for branch protection, git push, and probe project create (SKILL.md).
    • Sanitization: Present. The skill instructs the agent to verify that the sender of a message matches the original idea author before acting on retraction signals, providing a check against unauthorized command triggers.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 06:20 PM