create-doc
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it ingests untrusted user content from arguments and writes it to a file system accessible to the agent. This content could contain instructions that deceive or manipulate subsequent agent operations when the files are read back.\n
- Ingestion points: User input provided via
$ARGUMENTSis used to generate documentation content inSKILL.md.\n - Boundary markers: The skill does not implement delimiters or safety instructions to distinguish between documentation text and potential commands.\n
- Capability inventory: The skill utilizes the
Read,Glob, andWritetools to interact with the local.chalk/docs/directory.\n - Sanitization: No sanitization or validation of the documentation content is performed before the file is written to the disk.- [SAFE]: The skill operates entirely within the local environment using standard file system tools. There are no indications of external network calls, hardcoded credentials, or malicious obfuscation.
Audit Metadata