scribe
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious instructions, hidden commands, or security risks were identified in the skill. The instructions describe a structured workflow for document classification and updating.
- [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface as it ingests and processes content from repository files to inform its behavior.
- Ingestion points: PRODUCT.md, ARCHITECTURE.md, and IMPLEMENTATION.md in the root or docs/ directory.
- Boundary markers: No delimiters are specified to distinguish between document content and agent instructions.
- Capability inventory: Search, read, and write permissions for local Markdown files.
- Sanitization: No sanitization is performed on the ingested documentation content before it is used to extract vocabulary and project signals.
Audit Metadata