docs-management
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves ingesting information from raw sources such as git logs, meeting records, and external documents into the project wiki, creating an indirect prompt injection attack surface.
- Ingestion points: docs/ directory, raw source code, git logs, and meeting records (SKILL.md).
- Boundary markers: No specific delimiters or safety instructions are defined to distinguish between management instructions and ingested data content.
- Capability inventory: File system read and write access to the docs/ directory for indexing, synthesis, and ingestion.
- Sanitization: There is no evidence of content sanitization or validation before information is merged into the knowledge base.
Audit Metadata