docs-seeker
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of fetching and processing external technical documentation.\n
- Ingestion points: External documentation data enters the agent context via
fetch-docs.jsand is further processed byanalyze-llms-txt.js.\n - Boundary markers: Absent. The skill does not implement XML tags, delimiters, or specific safety instructions to the agent to treat retrieved documentation as untrusted content.\n
- Capability inventory: The skill executes internal Node.js scripts and includes workflows that suggest cloning repositories and using CLI tools like
repomix.\n - Sanitization: No sanitization, filtering, or validation is performed on the content retrieved from external documentation URLs.\n- [EXTERNAL_DOWNLOADS]: Fetches technical documentation and configuration metadata from
context7.comand GitHub. These are recognized as well-known technology services and are used for their intended purpose; these interactions are documented neutrally.\n- [COMMAND_EXECUTION]: Executes included scripts (detect-topic.js,fetch-docs.js,analyze-llms-txt.js) using Node.js to classify queries and automate documentation retrieval. Theenv-loader.jsutility implements a hierarchical search for environment configuration, which is a common pattern for managing tool settings.
Audit Metadata