wiki-agents-md

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its core functionality of reading and summarizing local repository files.
  • Ingestion points: The skill reads configuration files such as package.json, pyproject.toml, and Cargo.toml, as well as CI/CD workflows in .github/workflows/ and several source code files to identify project patterns.
  • Boundary markers: There are no instructions to use delimiters or ignore embedded instructions within the files being scanned, which could allow malicious content in the repository to influence the generated documentation.
  • Capability inventory: The skill performs file system read operations and writes new AGENTS.md and CLAUDE.md files to the project directory.
  • Sanitization: The instructions do not specify a process for sanitizing or escaping the data extracted from repository files before it is incorporated into the generated instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 06:00 PM