index-docs
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's core functionality is restricted to reading local files from specified project directories (docs/ and src/) and writing index files to a local directory (.claude/index/).\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data from documentation and code files to generate an index. However, it only extracts structural metadata and keywords for searching purposes and does not execute the processed content.\n
- Ingestion points: Documentation files in the docs/ directory and source code in the src/ directory.\n
- Boundary markers: No explicit markers or instructions to disregard instructions within the indexed content are defined.\n
- Capability inventory: The skill reads project files and writes output in JSON and Markdown formats to the local .claude/index/ folder.\n
- Sanitization: No content sanitization or validation of the input files is described in the provided workflows.
Audit Metadata