Skills
skills/aws-samples/sample-deep-insight/readme-generator/Gen Agent Trust Hub

readme-generator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a benign documentation utility that guides an AI agent through a logical workflow for project analysis and content generation.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted data from the user's codebase (e.g., project structure, dependencies, and imports) to generate documentation. However, the risk is minimal given the skill's limited scope and the intended primary purpose of text generation.
  • Ingestion points: The workflow in SKILL.md (Step 1) instructs the agent to use Glob and Read on various project files such as pyproject.toml, requirements.txt, and source code.
  • Boundary markers: No specific delimiters or instructions are provided to the agent to treat external file content as untrusted data or to isolate it from the rest of the prompt context.
  • Capability inventory: The skill utilizes Read, Glob, and Grep tools for discovery and analysis of existing files to write a new README.md file.
  • Sanitization: There is no evidence of sanitization or validation of the content read from the codebase before it is used to populate the README template.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:38 AM