write-docs
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of instructional markdown and documentation templates. It does not contain any functional logic that could be exploited independently of the LLM's own context.
- [NO_CODE]: No scripts, binaries, or configuration files that execute commands are included with this skill. It relies purely on natural language instructions for the agent.
- [EXTERNAL_DOWNLOADS]: The skill references official Inkeep domains (inkeep.com) and GitHub repositories (github.com/inkeep/agents) within its documentation templates, which are categorized as trusted vendor resources.
- [PROMPT_INJECTION]: The skill instructions provide clear boundaries for the agent (e.g., 'Do NOT use when') and do not attempt to bypass security filters. It also includes an analysis of indirect prompt injection surfaces as it processes external content. • Ingestion points: The workflow identifies 'engineering or product changes (staged files, PR diff, or task description)' as primary data inputs for documentation generation. • Boundary markers: Absent; the skill does not define specific delimiters for separating untrusted input data from documentation instructions. • Capability inventory: None; the skill does not define any tools, subprocesses, or network-capable scripts. • Sanitization: Absent; no explicit sanitization or escaping of input data is required by the instructions.
Audit Metadata