documentation-management
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes content from project files to maintain documentation accuracy.
- Ingestion points: The agent reads project-level files using the Read and Grep tools to identify changes (SKILL.md, reference.md).
- Boundary markers: There are no explicit delimiters or instructions defined to ignore potentially malicious embedded instructions within the source files.
- Capability inventory: The skill employs Read, Edit, Write, and Grep tools, granting it the ability to modify files based on ingested content.
- Sanitization: The instructions do not specify any validation or sanitization of input data before it is written to the documentation files.
Audit Metadata