agents-md-writer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted repository files to create documentation.
  - Ingestion points: SKILL.md reads project files like package.json and README.md.
  - Boundary markers: No delimiters are used to wrap ingested data.
  - Capability inventory: Executes shell analysis commands and local Python scripts.
  - Sanitization: No evidence of input validation or escaping for the read content.
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as find, cat, and grep to perform project analysis. While these are necessary for its intended purpose, they constitute a file access capability that could be targeted.