documentation-generation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design as it parses and processes content from external, potentially untrusted codebases.
- Ingestion points: SKILL.md specifies that the agent extracts information from code, configurations, and comments. resources/implementation-playbook.md provides code examples for parsing Python files and Pydantic schemas.
- Boundary markers: The instructions lack explicit delimiters or guidance to the agent to disregard instructions found within the processed source material.
- Capability inventory: The skill is focused on documentation generation (Markdown, HTML, YAML) and does not demonstrate capabilities for executing the analyzed content on the agent host.
- Sanitization: There is no evidence of input validation or sanitization to prevent malicious instructions in the code from affecting the agent's behavior.
- [EXTERNAL_DOWNLOADS]: Templates within the resource files reference assets and tools from well-known services.
- Evidence: resources/implementation-playbook.md includes HTML templates that load Swagger UI components from the jsDelivr CDN and references official GitHub Actions for environment setup and deployment.
Audit Metadata