code-self-describe

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted source code to generate summaries and headers, creating an indirect prompt injection surface. Malicious instructions embedded in code comments could potentially influence the agent's behavior during documentation generation.
      • Ingestion points: Reads all source files, dependency manifests (package.json, go.mod), and existing CLAUDE.md files.
      • Boundary markers: Uses '' markers to delimit sections, but these do not prevent the agent from being influenced by the content it summarizes.
      • Capability inventory: Has access to 'Read', 'Write', 'Edit', and 'Bash' tools, allowing for broad file system and system-level operations.
      • Sanitization: No explicit sanitization or validation of extracted code content is documented before it is used for generation.
  • [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to analyze project structures and perform Git operations (git diff). While necessary for its primary purpose, the use of a general-purpose shell requires monitoring to ensure commands remain within the expected scope of documentation management.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 06:08 AM