api-documenter
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate functionality for API documentation with no malicious behavior detected.
- [PROMPT_INJECTION]: Instructions in SKILL.md focus on documentation structure and best practices, with no evidence of bypass attempts or system prompt extraction.
- [DATA_EXFILTRATION]: Scripts do not access sensitive file paths or credentials. There is no unauthorized network communication or data transmission logic.
- [REMOTE_CODE_EXECUTION]: The utility scripts (generate_openapi.py and validate_openapi.py) only use standard Python libraries for local file and text operations.
- [COMMAND_EXECUTION]: The use of the Bash tool is restricted to invoking the local Python scripts for intended documentation tasks.
Audit Metadata