do-init
Initializes a project for Maverick by verifying GitHub App, installing CLI, and setting up project configurations.
Install this skill
or
65/100
Security score
The do-init skill was audited on Jun 11, 2026 and we found 5 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 26
Template literal with variable interpolation in command context
SourceSKILL.md
| 26 | - Read the plugin version: `grep -Po '(?<=^version = ")[^"]+' "${CLAUDE_PLUGIN_ROOT}/pyproject.toml"` |
medium line 21
Access to hidden dotfiles in home directory
SourceSKILL.md
| 21 | **If `maverick` is not on PATH**, dispatch the **/maverick:do-install** skill and wait for it to complete. After the install returns, re-run `command -v maverick` to confirm the binary is now resolvab |
medium line 57
Access to hidden dotfiles in home directory
SourceSKILL.md
| 57 | > `~/.maverick/maverick-gh-app.pem` (or any path you prefer). |
medium line 60
Access to hidden dotfiles in home directory
SourceSKILL.md
| 60 | > 4. Add a `gh_app` block to `~/.maverick/config.json`: |
medium line 67
Access to hidden dotfiles in home directory
SourceSKILL.md
| 67 | > "private_key_path": "~/.maverick/maverick-gh-app.pem" |
Scanned on Jun 11, 2026
View Security Dashboard