diataxis-docs-framework
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses directive markers in
SKILL.mdandAGENTS.mdto override the agent's internal training data. Specifically, it employs instructions such as "Always rely on this skill's rule files... as the source of truth" and "Do not fall back on generic documentation advice" when it conflicts with the framework. While intended for domain accuracy, this matches the pattern for instructional overrides and behavior-bypass markers. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection when processing untrusted user data for documentation tasks.
- Ingestion points: User-provided text strings and documentation drafts processed through triggers like "document this" or "technical writing."
- Boundary markers: Absent; the skill lacks explicit instructions to treat user data as untrusted or to use delimiters to prevent the agent from executing instructions embedded in that data.
- Capability inventory: The skill possesses 27 rules that influence text generation, information architecture, and content structure across multiple files.
- Sanitization: Absent; there are no defined mechanisms for escaping or validating external content before it is processed by the agent.
Audit Metadata