update-docs
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git commands (
git log,git diff) and file system commands (ls) to analyze repository changes. These commands are executed locally to facilitate documentation updates.\n- [PROMPT_INJECTION]: The skill processes data from git logs and directory structures, which constitutes an indirect prompt injection surface.\n - Ingestion points: Git log metadata and file listings from the repository are read into the agent context during the update process.\n
- Boundary markers: No specific delimiters or instructions are used in the prompt logic to distinguish ingested metadata from system instructions.\n
- Capability inventory: The agent has the capability to write to local files (
CLAUDE.mdand_/.last-update-docs).\n - Sanitization: No explicit sanitization or validation of the git metadata (such as commit messages or filenames) is performed before it is used for documentation updates.\n- [SAFE]: No network access, remote code execution from external sources, or credential exposure patterns were detected. The skill's behavior is consistent with its stated purpose of project maintenance.
Audit Metadata