docs-architect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions to bypass safety filters, override system prompts, or extract internal configuration. Instructions are focused entirely on the persona of a technical writer.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or network exfiltration commands (such as curl or wget) were found. While the skill processes codebases, it does not attempt to send data to external domains.- [Remote Code Execution] (SAFE): There are no package installations (pip, npm) or remote script executions defined in the instructions.- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from codebases which could contain hidden instructions. However, the instructions do not grant the agent high-risk capabilities like writing files or executing commands based on that data, limiting the impact to potential output manipulation.
Audit Metadata