Skills
skills/fradser/dotclaude/update-readme/Gen Agent Trust Hub

update-readme

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill performs legitimate file system and repository management tasks. It uses tools like Read, Write, Edit, and Glob to manage documentation and Bash(git:*) to check project history.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from the repository to generate documentation.
  • Ingestion points: Step 1 (Survey the project) instructs the agent to read all skill/module directories, SKILL.md files, and existing README files.
  • Boundary markers: No explicit delimiters or boundary markers are defined for the data read from project files.
  • Capability inventory: The skill has Write, Edit, and Bash(git:*) capabilities to modify the repository.
  • Sanitization: No explicit sanitization or filtering of the ingested content is specified before drafting new README files.
  • Note: This behavior is inherent to the primary function of a documentation tool and is considered acceptable risk given the intended use case.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 02:56 AM