devdocs-verify
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads and analyzes content from external documentation and source code files.
- Ingestion points: Content is read from '01-requirements.md', '02-system-design.md', and '03-test-cases.md'.
- Boundary markers: The skill does not implement specific delimiters or warnings to ignore embedded instructions within processed files.
- Capability inventory: The skill uses 'Bash', 'Read', 'Glob', and 'Grep' to perform its verification tasks.
- Sanitization: No content validation or filtering of input files is mentioned.
- [COMMAND_EXECUTION]: Uses the 'Bash' tool to execute local verification logic and generate report files, which is consistent with its stated purpose.
- [EXTERNAL_DOWNLOADS]: The skill optionally uses well-known browser automation tools (Playwright, Chrome DevTools) for UI verification, which are considered trusted sources.
Audit Metadata