Skills
skills/eljun/claude-skills/document/Gen Agent Trust Hub

document

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads external data from the docs/task/ and docs/testing/ directories and uses this untrusted content to drive its workflow logic and documentation generation.
  • Ingestion points: The skill explicitly reads docs/task/{ID}-{task-name}.md and docs/testing/{ID}-{task-name}.md to gather context.
  • Boundary markers: Absent. There are no instructions or delimiters defined to help the model distinguish between its own instructions and potentially malicious commands embedded in the task or test documents.
  • Capability inventory: The skill can create and update files across the project (docs/, CLAUDE.md, TASKS.md) and can spawn subagents via the Task tool.
  • Sanitization: Absent. Content from the Automation field in the task document is used directly to trigger the automated execution of the /ship command.
  • [EXTERNAL_DOWNLOADS]: References external documentation plugins from well-known and trusted services.
  • Provides instructions to install React best-practice guidelines from Vercel Labs' official GitHub repository.
  • Provides instructions to install Postgres best-practice guidelines from Supabase's official GitHub repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 03:45 PM