setup-llms-txt
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The skill performs network operations to a non-whitelisted domain (inlay.dev) during the AI readiness audit step. This is categorized as low risk because it only transmits a site URL for analysis.
- [COMMAND_EXECUTION] (SAFE): Employs standard system tools such as ls, find, and curl for analyzing project structure and verifying file accessibility. These actions are appropriate for the skill's primary purpose.
- [PROMPT_INJECTION] (LOW): The skill exposes an indirect prompt injection surface by fetching and displaying content from remote llms.txt files. Evidence: 1. Ingestion points: Content fetched via curl in Step 1 and Step 5. 2. Boundary markers: Absent. 3. Capability inventory: File system writing and command execution. 4. Sanitization: No validation or filtering is performed on the retrieved text before it is presented to the agent.
Audit Metadata