backend-to-frontend-handoff-docs
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests backend source code (untrusted data) to extract integration details. Malicious instructions embedded in code comments could potentially influence the agent's reasoning or the content of the generated documentation. However, the impact is limited as the skill only writes to a specific local documentation path. Evidence Chain: 1. Ingestion points: Local backend source code (endpoints, DTOs, controllers). 2. Boundary markers: None provided. 3. Capability inventory: File-write access to '.claude/docs/ai/'. 4. Sanitization: None specified for analyzed code content.
- [Data Exposure & Exfiltration] (SAFE): While the skill reads sensitive source code, it performs no network operations and contains no patterns for data transmission.
- [Remote Code Execution] (SAFE): No external downloads or dynamic execution patterns were detected.
Audit Metadata