documentation-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is instructed to read and process external data from the project's file system.
- Ingestion points: The skill reads various Markdown files in the
docs/directory and source code files likeserver/api/posts/index.post.ts. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate instructions that might be embedded within the files it reads.
- Capability inventory: The skill has permissions to read and write files within the project workspace, specifically under the
docs/path. - Sanitization: No sanitization, validation, or filtering of the ingested content is performed before the agent acts upon the data.
Audit Metadata