phoenix-llms-txt
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Unix utilities including
find,sed,grep, andcommto compare the local filesystem against the documentation index. It also includes a local verification step usingpnpm testwithin the project's own CLI package. These operations are legitimate, limited to the local environment, and align with the skill's purpose of documentation auditing. - [PROMPT_INJECTION]: The skill processes markdown (
.mdx) files from the local repository during the auditing phase. While reading untrusted documentation content can theoretically serve as a vector for indirect prompt injection, the skill does not perform high-risk operations or grant elevated privileges that would make this surface exploitable in a malicious way. The behavior is consistent with standard documentation management tasks.
Audit Metadata