docs-alignment-maintainer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script (`scripts/docs_alignment_maintainer.py`) that performs local filesystem read and write operations. The script is designed to modify markdown documentation files to ensure consistency with detected project settings.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted documentation content from a workspace to generate reports and apply fixes.
  - Ingestion points: `scripts/docs_alignment_maintainer.py` reads file content from `README.md`, `AGENTS.md`, and other documentation files.
  - Boundary markers: The script's output report does not implement specific delimiters or boundary markers to isolate content extracted from the files being audited.
  - Capability inventory: The script can perform file writes restricted to specific markdown filenames via `Path.write_text`.
  - Sanitization: No explicit sanitization or escaping of the content read from files is performed before it is processed by the script's logic.
Audit Metadata