devdocs-onboard
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted project documentation to generate summaries, creating a surface for indirect prompt injection attacks. Ingestion points: Reads markdown files within docs/devdocs/ and command outputs from git log. Boundary markers: Absent; there are no specific instructions or delimiters to prevent the agent from obeying instructions embedded in the summarized data. Capability inventory: The skill uses Write permissions to create and update context files. Sanitization: Absent; the skill does not validate or sanitize the content of the documents it reads before processing them.\n- [COMMAND_EXECUTION]: The skill executes system commands to gather project metadata for its summary. Evidence: The workflow includes executing ls, tree, git status, and git log. These commands are used according to the skill's primary purpose of project onboarding and do not target sensitive system directories.
Audit Metadata