update-project-docs
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or behaviors detected. The skill performs standard file reading and writing operations consistent with its stated purpose of maintaining project documentation.
- [Data Exposure] (LOW): The skill uses git diff and reads local documentation files to identify changes. It does not access sensitive system paths, credentials, or hidden directories like .ssh or .aws.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-controlled files which represents a potential injection surface. 1. Ingestion points: Reads CLAUDE.md and AGENTS.md files from the project root. 2. Boundary markers: No explicit markers are defined to isolate data from instructions. 3. Capability inventory: Authorized to read and edit the specific documentation files within the project directory. 4. Sanitization: No content sanitization or validation is implemented for the data read from project files.
Audit Metadata