lib-docs
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation from external websites, including official project domains such as react.dev and nodejs.org, as well as public GitHub repositories. This behavior is central to the skill's primary function and targets well-known technology service providers.- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection risks by processing untrusted data from external websites.
- Ingestion points: Data enters the agent context via the WebFetch tool as described in SKILL.md.
- Boundary markers: The skill lacks explicit markers or instructions to the LLM to ignore potentially malicious instructions embedded within the documentation it fetches.
- Capability inventory: The skill utilizes WebSearch, WebFetch, and Read (to access its local source list).
- Sanitization: There is no evidence of sanitization or filtering applied to the content retrieved from external URLs before it is summarized for the user.
Audit Metadata