documentation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill's workflow involves reading existing documentation and registry files, which could contain malicious instructions designed to influence the agent's behavior during updates.
- Ingestion points: The agent reads from the docs/ directory, registry.md, and file paths specified in document frontmatter.
- Boundary markers: While markdown frontmatter is used as a delimiter, the skill does not explicitly instruct the agent to ignore or isolate potentially adversarial content within these files.
- Capability inventory: The skill is authorized to perform file system write operations to create/update documents and modify project configuration files (e.g., .vitepress/config.ts).
- Sanitization: There is no evidence of content sanitization or validation of external file data before it is processed by the agent.
- [NO_CODE]: The skill is composed entirely of Markdown guidelines and templates. It does not include any Python, JavaScript, shell scripts, or other executable binaries provided with the skill itself.
Audit Metadata