improve-doc
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted markdown data from the file system during Phase 1. There are no explicit boundary markers or sanitization steps mentioned in the workflow. However, because the skill lacks network access or the ability to execute shell commands, the risk of exploitation is negligible. This surface is inherent to the skill's primary purpose of documentation improvement.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads and overwrites a local file specified by the user's path argument. This access is scoped to the provided file and is necessary for the skill's intended functionality. No evidence of unauthorized file access or data exfiltration to external domains was detected.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill references internal components such as
beagle-docs:docs-styleandbeagle-docs:tutorial-docs. These appear to be modular platform-provided skills rather than external code downloads or untrusted remote script executions.
Audit Metadata