octocode-documentation-writer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection as it processes untrusted source code from external repositories.
  - Ingestion points: File contents and directory structures are read across multiple phases, including Discovery (Phase 1), Research (Phase 3), Writing (Phase 5), and QA (Phase 6).
  - Boundary markers: The skill does not implement explicit delimiters or instructions for sub-agents to ignore potentially malicious content within the analyzed code.
  - Capability inventory: The pipeline has file read/write access and the ability to spawn parallel sub-agents with broad tool access.
  - Sanitization: No explicit sanitization or instruction-filtering is applied to the repository data before it is processed by the AI agents.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of octocode-cli and octocode-mcp via npx, which are vendor-owned resources (bgauryy) necessary for the skill's functionality.
- [COMMAND_EXECUTION]: The orchestration logic executes various local discovery and search operations using specialized MCP tools to understand the project structure and logic.
Audit Metadata