preen-package-docs
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface identified in the documentation generation workflow. * Ingestion points: The skill reads package descriptions and scripts from 'packages//package.json' and source code exports from 'packages//src/index.ts'. * Boundary markers: The skill instructions do not specify any delimiters or safety warnings to distinguish processed data from instructions when generating content. * Capability inventory: The agent has the capability to write files (README.md) and execute Git commands (git checkout, git commit) as part of its 'Workflow'. * Sanitization: There is no evidence of sanitization, validation, or escaping of the content gathered from the local package files before it is processed by the model.
Audit Metadata