docs-init

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified.
    • Ingestion points: The skill reads the first 512 bytes of documentation files in docs/project-reference/ and configuration from docs/project-config.json.
    • Boundary markers: None present; the agent is instructed to read file content directly to identify placeholder text strings.
    • Capability inventory: The agent is authorized to create tasks (TaskCreate) and invoke other system skills (/scan-*) based on its assessment of the files read.
    • Sanitization: No validation or escaping of the ingested file content is performed before processing.
  • [SAFE]: No patterns of data exfiltration, hardcoded credentials, or unauthorized shell command execution were found in the skill's instructions. The workflow relies on standard agent interaction patterns like user questions and task planning.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 06:11 AM