setup-docs
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from content within the analyzed codebase. * Ingestion points: SKILL.md (Workflow Step 1) specifies reading package.json, README.md, and configuration files. * Boundary markers: SKILL.md lacks delimiters or instructions for the agent to ignore embedded prompts in the ingested data. * Capability inventory: SKILL.md (Workflow Steps 3-6) utilizes the Write tool to update documentation profiles and the AGENTS.md file. * Sanitization: SKILL.md does not include sanitization or validation steps for the data read from the codebase before it is written to documentation profiles.
Audit Metadata