tasks-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted external data (source code and documentation files), creating a vulnerability surface for indirect prompt injection.\n
- Ingestion points: The skill ingests data from local files using the
Read,Grep, andGlobtools as part of its identification and documentation workflow.\n - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are provided to the agent to distinguish between the content being documented and the agent's operating instructions.\n
- Capability inventory: The skill is configured with broad capabilities, including
Bash,Write, andEdit, which could be manipulated if an attacker embeds malicious instructions within the files being processed.\n - Sanitization: There are no logic or validation steps defined to sanitize or escape the content read from external source files before it is processed by the agent.
Audit Metadata