Skills
skills/dykyi-roman/awesome-claude-code/readme-template/Gen Agent Trust Hub

readme-template

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill is composed entirely of Markdown documentation and prompt instructions. It does not ship with any scripts, binaries, or configuration files that execute code.
  • [PROMPT_INJECTION]: The skill directs the agent to analyze project files such as composer.json and the src/ directory to extract information for the README. This represents an indirect prompt injection surface where malicious instructions in project files could attempt to influence the agent. However, given the lack of dangerous capabilities in the skill itself, this is considered a safe architectural pattern for its intended purpose.
  • Ingestion points: Instructions to analyze composer.json and the src/ directory (SKILL.md).
  • Boundary markers: Not present; the agent is not explicitly told to ignore instructions found within analyzed files.
  • Capability inventory: The skill's defined output is restricted to generating text (README.md) and verifying local links; no network or shell execution tools are defined.
  • Sanitization: No data sanitization or validation steps are defined for the information extracted from project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 09:59 AM