daramex-monorepo-docs
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface identified in the documentation update workflow.
- Ingestion points: Metadata, such as titles and summaries, extracted from documentation files within the
apps/docs/directory. - Boundary markers: The instructions do not define delimiters or explicit warnings to ensure that processed metadata is treated as untrusted during configuration updates.
- Capability inventory: The agent is required to modify
apps/docs/.vitepress/config.ts, which is an executable TypeScript file that controls the build and navigation of the documentation site. - Sanitization: The skill lacks guidance on sanitizing or validating input strings before they are interpolated into the executable configuration file.
Audit Metadata