yy-create-readme
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local project environment to generate documentation.
- Ingestion points: The skill reads contents from project configuration files (e.g.,
package.json,pom.xml,requirements.txt) and existingREADME.mdfiles in Steps 1, 2, and 3. - Boundary markers: There are no defined delimiters or specific instructions provided to the agent to ignore or isolate potentially malicious instructions embedded within the scanned project files.
- Capability inventory: The skill has the capability to scan the project directory, read multiple file types, and perform file-write operations to the project's root
README.md(Step 6). - Sanitization: The skill does not implement sanitization, escaping, or validation of the content gathered from the project files before interpolating it into the prompt for README generation.
Audit Metadata