accelint-readme-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it recursively parses and analyzes files within a codebase, including source code, comments, and tests, which are untrusted data sources.
- Ingestion points: The skill reads source files, entry points, and JSDoc/TSDoc comments as specified in
references/codebase-analysis.md. - Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore embedded instructions when reading untrusted code data.
- Capability inventory: The skill allows broad read access to the workspace and generates markdown documentation based on the findings.
- Sanitization: Absent; the skill does not include steps to sanitize or filter extracted code strings or comments before including them in the generated README.
Audit Metadata