api-doc-lookup
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational, providing the agent with instructions and URL patterns to fetch Effect-TS API documentation from its official GitHub Pages site (https://effect-ts.github.io/effect/).
- [DATA_EXPOSURE]: The skill does not access any sensitive local files, environment variables, or hardcoded credentials. It only facilitates reading public documentation.
- [COMMAND_EXECUTION]: No shell commands, subprocesses, or executable scripts are present in the skill.
- [INDIRECT_PROMPT_INJECTION]: The skill involves ingesting data from an external website, which is a potential surface for indirect prompt injection.
- Ingestion points: The agent is instructed to use WebFetch on pages under the 'https://effect-ts.github.io/effect/' domain.
- Boundary markers: The skill does not provide specific instructions to the agent on how to delimit or isolate the fetched content.
- Capability inventory: The skill itself has no capabilities to write files, execute code, or perform network operations beyond the initial fetch.
- Sanitization: No sanitization is mentioned.
- Assessment: Because the target domain is the official documentation for a reputable software library, the risk of malicious instructions being embedded in the data is extremely low.
Audit Metadata