docs-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Command Execution (LOW): The skill provides shell command snippets (ls, grep, sort, uniq) to check for file naming collisions in the documentation directory. These are restricted utility commands for local file management and do not involve network operations or high-privilege actions.
- Indirect Prompt Injection (LOW): As a tool designed to generate documentation from existing project source material, this skill is susceptible to indirect prompt injection if the ingested data contains malicious instructions. 1. Ingestion points: Implicitly ingests local project files or code provided in the context to generate documentation. 2. Boundary markers: No explicit boundary markers or 'ignore' instructions are defined for the ingested data. 3. Capability inventory: Uses Read, Write, and Edit tools for file manipulation. 4. Sanitization: No specific sanitization or validation of input data is mentioned in the skill instructions.
Audit Metadata