product-context-docs

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill's behavior is limited to reading and writing documentation files within the local repository. It does not perform network operations, execute code, or access sensitive system files.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it reads existing repository content (README.md, existing docs) to generate documentation. Those files might contain malicious instructions intended to influence the agent's behavior during the documentation process. However, because the skill's capabilities are restricted to writing markdown, the risk is negligible.
      • Ingestion points: Reads repository files such as README.md, docs/ folder, and product briefs as specified in SKILL.md.
      • Boundary markers: No explicit instructions or delimiters are used to separate untrusted file content from the agent's instructions.
      • Capability inventory: Restricted to Write and Edit tools for modifying markdown documentation within the repository.
      • Sanitization: No sanitization or validation of ingested content is performed before it is used to populate documentation templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 08:10 AM