update-markdown-file-index
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed for local documentation management. It reads file metadata (name, size, type) and writes to a target markdown file. No network access, credential use, or persistence mechanisms were detected.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
- Ingestion points: The skill extracts descriptions from file headers and comments in files located within
${input:folder}. - Boundary markers: Lacks specific delimiters to isolate potentially untrusted file content from the agent's instructions.
- Capability inventory: Includes file system reads (directory listing) and file system writes (updating the markdown file index).
- Sanitization: The skill requires markdown syntax validation but does not explicitly filter or sanitize content extracted from file headers for potential adversarial instructions.
Audit Metadata