make-readme
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill reads external project manifests such as package.json and pyproject.toml to extract project details which could potentially influence agent behavior if the files contain malicious instructions.
- Ingestion points: Manifest files scanned via Glob and Read tools in Step 1 and Step 4.
- Boundary markers: The skill does not implement specific delimiters to separate manifest data from instructions.
- Capability inventory: The skill is restricted to Write, Read, Glob, and AskUserQuestion tools, lacking network or arbitrary command execution capabilities.
- Sanitization: No evidence of sanitization or validation for extracted metadata is performed before it is used in the output.
- [SAFE]: The skill uses Shields.io, a well-known service, for generating status and tech stack badges which is standard practice for open-source documentation.
- [SAFE]: The skill follows its stated purpose by using standard file system tools (Read, Write, Glob) for document generation without suspicious network or privilege-related operations.
Audit Metadata