readme-generator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell utilities like
ls,grep,cat, andjqto detect project configuration files (e.g.,Cargo.toml,package.json,pyproject.toml) and extract relevant metadata for README generation. These operations are restricted to non-destructive read actions on specific files within the project directory. - [SAFE]: All external URLs referenced in the skill's templates belong to well-known and trusted services such as Shields.io, PyPI, npmjs.com, and crates.io. These are used for project badges and documentation links.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted project metadata and existing README content to inform its generation process. This is inherent to its primary purpose. 1. Ingestion points: Project configuration files and user-provided READMEs. 2. Boundary markers: Absent. 3. Capability inventory: Execution of local metadata extraction commands. 4. Sanitization: Absent. The risk is considered negligible given the focused and non-privileged nature of the extraction operations.
- [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected in the skill's workflow or reference files.
Audit Metadata