review-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): Vulnerability to indirect prompt injection (Category 8). The skill ingests untrusted data from documentation and code files which could contain malicious instructions. Evidence: 1. Ingestion points: Reads various project files including README.md, AGENTS.md, docs/, and source code. 2. Boundary markers: Absent; there are no instructions to ignore embedded commands in target files. 3. Capability inventory: Limited to read-only operations and generating reports; no write or network access. 4. Sanitization: Absent.
- COMMAND_EXECUTION (LOW): The skill instructs the agent to execute 'git diff' commands to determine the scope of documentation to review.
Audit Metadata