solo-content-gen
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its processing of untrusted documentation files.
- Ingestion points: The skill reads content from user-controlled files such as docs/prd.md, README.md, CLAUDE.md, and research.md.
- Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following commands that might be embedded within these documentation files.
- Capability inventory: The skill has access to Read, Grep, Glob, and Write tools, allowing it to process local files and save generated output to the filesystem.
- Sanitization: No sanitization or validation of the input data is performed before it is used to generate the final content pack.
Audit Metadata