crafting-effective-readmes
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of markdown files, templates, and reference documentation. There are no scripts, binaries, or automated tasks that execute commands on the host system.
- PROMPT_INJECTION (SAFE): The instructions follow a standard procedural format without attempts to override system safety filters or bypass constraints.
- DATA_EXFILTRATION (SAFE): No network operations (curl, wget, etc.) or file upload mechanisms are present. The skill only interacts with the local file system to read and write markdown documentation.
- INDIRECT PROMPT INJECTION (LOW): The skill identifies a task where it reads project files (like
package.json) to verify documentation accuracy. While these files are untrusted external content, the skill's capability is limited to text generation, posing minimal risk beyond potential bias in the generated markdown output.
Audit Metadata