frontend-functionality-docs
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/collect-frontend-routes.sh) to automate the discovery of frontend routes. The script relies on the ripgrep (rg) utility to search for file patterns and code strings related to routing configurations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code and documentation to generate functionality summaries.
  - Ingestion points: Reads route entry files (e.g., Next.js pages, Remix routes) and existing documentation files like AGENTS.md found in the repository.
  - Boundary markers: The skill does not implement explicit delimiters or instructions to ignore potential commands embedded within the analyzed source code.
  - Capability inventory: Executes a local shell script for file discovery and has broad read access to project source files to generate documentation.
  - Sanitization: No validation or sanitization of the content from source files is performed before it is presented to the AI for processing.
Audit Metadata