chinese-interface-doc-generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted source code and extracts comments for documentation, creating a potential surface for indirect prompt injection.
  • Ingestion points: Untrusted source code is processed via the code parameter in report_generator.py.
  • Boundary markers: The documentation is formatted as Markdown in doc_formatter.py, but it lacks explicit instructions to the agent to ignore any embedded instructions within the extracted text.
  • Capability inventory: The skill is capable of writing files to the local directory ~/.claude/interface_docs via report_generator.py.
  • Sanitization: The ChineseDocExtractor class in chinese_doc_extractor.py employs a regex filter [\u4e00-\u9fff]+ which restricts extracted content to Chinese characters, significantly reducing the likelihood of successful English-language prompt injection attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:44 PM