doc-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Dynamic Execution] (HIGH): The skill instructions suggest using the 'inspect' module for runtime introspection. Python's 'inspect' utility requires loading the module into memory via an import, which triggers the execution of all top-level statements. This allows malicious Python files to execute arbitrary commands on the system when they are processed by the skill.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted content from docstrings in Python files and incorporates it into markdown output. 1. Ingestion points: Python source files (.py). 2. Boundary markers: None specified. 3. Capability inventory: File system access via 'pathlib', static analysis via 'ast', and module execution via 'inspect'. 4. Sanitization: No sanitization or filtering of docstring content is mentioned.
Recommendations
- AI detected serious security threats
Audit Metadata