scientific-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's primary logic is contained within markdown instructions and a documentation template. No executable scripts, binary files, or network-bound activities were detected.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes conversation history and project source code. This is an inherent risk for documentation tools that must analyze untrusted developer input.
  - Ingestion points: Conversation history and code blocks as specified in the SKILL.md workflow.
  - Boundary markers: None are defined to isolate the analyzed data from the agent's instructions.
  - Capability inventory: The skill uses an external tool to write .docx files to the output directory.
  - Sanitization: No content sanitization or escaping mechanisms are specified.
Audit Metadata