doc-sync
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill possesses a surface for Indirect Prompt Injection (Category 8).
- Ingestion points: The skill ingest data from various repository files, including source code (src/), documentation (docs/), and configuration files (AGENTS.md, CLAUDE.md), using the
ReadandGreptools. - Boundary markers: Absent. The skill instructions do not define clear delimiters or provide instructions to the agent to disregard potential commands found within the processed file content.
- Capability inventory: The skill has access to the
Bash(command execution) andEdit(file modification) tools. This combination of reading untrusted data and having write/execution capabilities creates a risk if an attacker embeds malicious instructions in the code or documentation. - Sanitization: Absent. There is no evidence of content validation or escaping before the file data is processed by the AI agent.
Audit Metadata