documentation-writer
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill's primary function involves reading and processing external codebase files, which could potentially contain malicious instructions embedded in comments or strings.
  * Ingestion points: Reads project files using Read, Grep, and Glob tools.
  * Boundary markers: Lacks explicit delimiters or instructions to treat ingested content as data rather than instructions.
  * Capability inventory: The model has access to Write and Edit tools, which could be misused if it obeys instructions found within the code being documented.
  * Sanitization: No sanitization or filtering of codebase content is mentioned in the process flow.
Audit Metadata