crafting-effective-readmes
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of Markdown documentation, templates, and reference materials. There are no associated scripts (Python, JavaScript, etc.), configuration files for execution, or binaries included in the skill package.
- [SAFE]: The templates provide placeholders for common documentation needs (e.g., API keys, database URLs) but do not contain any hardcoded credentials. All external links point to reputable, well-known resources in the open-source community, such as GitHub repositories for documentation standards and common badge services like Shields.io.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a 'Reviewing' workflow in
SKILL.mdthat asks the agent to read local project files (e.g.,package.json, main source files) to check README accuracy. - Ingestion points: Local project files and metadata parsed during the 'Reviewing' task defined in
SKILL.md. - Boundary markers: Absent; the skill relies on the agent's default processing of workspace files.
- Capability inventory: None; the skill does not define any subprocess calls, file-write operations, or network requests.
- Sanitization: Absent; the skill is limited to generating documentation prose based on the context found.
Audit Metadata