ia-doc-creator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from local files without explicit sanitization or boundary markers.\n
- Ingestion points: Processes content from source code paths, .md files, and .txt files as described in SKILL.md under 'Input Validation and Processing'.\n
- Boundary markers: The skill instructions do not specify any delimiters or 'ignore embedded instructions' warnings when interpolating file content into its analysis prompt.\n
- Capability inventory: The skill has the capability to write multiple markdown files to the local workspace (sitemap.md, user-flows.md, ia-audit.md, CONTRIBUTING.md) as defined in SKILL.md.\n
- Sanitization: No sanitization, escaping, or validation of the external file content is mentioned before it is processed by the agent.
Audit Metadata