md-docs
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs standard shell utilities such as
mv,cp,ln, andtestto perform file management tasks, including backing up documentation and creating symlinks (e.g., linking CLAUDE.md to AGENTS.md). - [DATA_EXFILTRATION]: The skill inspects project configuration files like
package.json,pyproject.toml, and.env.exampleto extract metadata for documentation. This is a local-only operation with no evidence of network transmission or data exfiltration patterns. - [INDIRECT_PROMPT_INJECTION]: The skill processes existing documentation and configuration files which could contain instructions intended to influence the agent's behavior during the update process.
- Ingestion points: Reads contents from
AGENTS.md,README.md,CONTRIBUTING.md, and various package manager configuration files. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when reading these files.
- Capability inventory: Includes file system read/write, directory listing (
ls,tree), and file manipulation (mv,cp,ln). - Sanitization: No explicit sanitization or validation of the ingested documentation content is performed before processing.
Audit Metadata