accelint-readme-writer
Warn
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: MEDIUMPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits metadata poisoning by providing misleading authorship information. Although the skill is authored by 'gohypergiant', the internal documentation and metadata (SKILL.md, README.md) attribute it to 'accelint', which can misinform users and automated auditing systems regarding its origin.
- [PROMPT_INJECTION]: This skill presents an indirect prompt injection surface as it is designed to recursively parse a project's codebase, including source files and JSDoc comments. Malicious instructions hidden in code comments (e.g., in documentation examples or test files) could be processed and followed by the agent during the README generation process.
- [PROMPT_INJECTION]: The skill provides explicit instructions to utilize a 'humanizer' sub-skill specifically to 'remove AI writing patterns' and 'AI artifacts.' This is a form of stylistic obfuscation intended to bypass content detection systems or filters that identify AI-generated text.
- [NO_CODE]: No executable code, scripts, or binary files were detected within the skill package; it consists exclusively of Markdown instructions and reference guides.
Audit Metadata