docgen-generate
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The security audit of the skill reveals no malicious patterns, obfuscation, or unauthorized data access. The skill operates within its intended scope of document generation.
- [EXTERNAL_DOWNLOADS]: The skill communicates with the DocGen Engine API located at https://docgen-production-503d.up.railway.app. This network activity is a core functional requirement for generating PDF documents from user-provided data.
- [COMMAND_EXECUTION]: The skill is designed to save binary PDF data received from the API to the local file system. This is the primary method of delivery for the requested document.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted user data and scans external PDF files to extract document fields.
- Ingestion points: User-provided invoice details and data extracted from uploaded PDFs via the `/api/v1/scan` endpoint (documented in `references/api.md`).
- Boundary markers: None identified; user data is interpolated into API requests without explicit delimiters.
- Capability inventory: The skill can perform network POST requests and write binary files to the local disk.
- Sanitization: There is no evidence of input sanitization or validation before data is processed by the API.
Audit Metadata