dev-docs-guide
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The skill instructions are purely task-oriented and do not attempt to override system prompts or bypass safety guidelines.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive local file paths (like ~/.ssh or .env) were detected.
- Indirect Prompt Injection (LOW): The skill processes external content through documentation fetching. (1) Ingestion points: docs_fetch and docs_search tools. (2) Boundary markers: None specified. (3) Capability inventory: Information retrieval and display only; no code execution or file modification capabilities. (4) Sanitization: Not specified. The risk is considered low because the skill lacks high-privilege write or execute capabilities.
- Remote Code Execution (SAFE): No patterns of downloading and executing remote scripts or installing unauthorized packages were found.
Audit Metadata