docs-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of markdown-based instructions and templates. No scripts or executables are included in the skill definition.
- Indirect Prompt Injection (SAFE): The skill has a surface for indirect prompt injection as it processes repository files to generate documentation. (1) Ingestion points: Repository files and structure analyzed in Phase 1. (2) Boundary markers: Absent. (3) Capability inventory: Writing documentation files (AGENTS.md, agent.d) to the filesystem. (4) Sanitization: Absent. This behavior is considered safe as it is fundamental to the skill's intended primary purpose of codebase analysis.
Audit Metadata