api-documenter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety guidelines, or extract system prompts were detected.
- [Data Exposure & Exfiltration] (SAFE): The skill does not perform any file system access, network operations, or handle sensitive credentials.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages (npm, pip, etc.) or remote scripts are downloaded or executed.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were found in the skill text.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill is designed to process user-provided API specifications (OpenAPI, GraphQL).
- Boundary markers: None explicitly defined in the instructions.
- Capability inventory: None. The skill does not have access to shell execution, file writing, or network tools.
- Sanitization: None. However, because the skill has no dangerous capabilities, the risk of an indirect injection causing system harm is negligible.
Audit Metadata