docs
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill employs standard developer tools, specifically git (git diff, git add, git commit) and the GitHub CLI (gh pr diff, gh pr view), to perform its core functions. These commands are used for analyzing implementation changes and persisting documentation files within the local environment.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted data from repository files and pull requests. 1. Ingestion points: Input includes SPEC.md content, pull request diffs via gh, and local repository files via glob and read operations. 2. Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for external data. 3. Capability inventory: The skill has permissions to write to the repository (git commit) and perform UI automation via the /browser and /screengrabs tools. 4. Sanitization: No explicit logic for sanitizing or escaping the content of processed files is defined in the workflow.
Audit Metadata