devdocs-retrofit
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface identified in the code-to-documentation workflow.
- Ingestion points: The skill scans and reads untrusted project source code, comments, and existing markdown files using Read, Glob, and Grep tools (SKILL.md).
- Boundary markers: Implements mandatory EnterPlanMode to present documentation strategies and AskUserQuestion for user approval before any execution starts.
- Capability inventory: Employs Write to create new documentation files and Bash for repository operations like file renaming.
- Sanitization: Lacks explicit input sanitization; security relies on the human-in-the-loop verification process during the planning stage.
- [COMMAND_EXECUTION]: Utilizes the Bash tool for standard repository management and file discovery tasks.
- Evidence: Employs shell commands for scanning project directories (docs, tests, etc.) and uses 'git mv' during the migration process to preserve file history.
Audit Metadata