readme-write
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes and interpolates untrusted data from the user's project environment.
- Ingestion points: The skill instructions in
SKILL.md(Step 1 and Step 3) direct the agent to analyzepackage.json,requirements.txt,Cargo.toml, and existingREADME.mdfiles. - Boundary markers: There are no explicit instructions or delimiters defined to separate the agent's system instructions from the potentially untrusted content found in project configuration files.
- Capability inventory: The skill has the capability to write to the local filesystem by creating or modifying the
README.mdfile based on analyzed data. - Sanitization: The skill lacks instructions for sanitizing or validating strings extracted from project files (e.g., project names or descriptions) before they are written to the documentation output.
- [EXTERNAL_DOWNLOADS]: The skill references image URLs from
img.shields.iofor generating status badges. This is a well-known and standard service for documentation and does not pose a security risk in this context.
Audit Metadata