write-documentation
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): The skill instructions explicitly point the agent to .env keys and configuration files as part of its documentation workflow. This provides a direct path for the agent to read and potentially expose secrets during documentation tasks.
- DATA_EXFILTRATION (HIGH): Accessing sensitive file paths like .env is a high-severity exposure risk. The agent's workflow involves reading these files to identify configuration keys, which could lead to accidental or intentional leakage of credentials through the generated documentation.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection.
  - Ingestion points: Files in the docs/ directory and referenced classes/files in the project codebase (SKILL.md).
  - Boundary markers: None provided to delimit external data from agent instructions.
  - Capability inventory: The agent can read codebase files and write/update files in the docs/ directory.
  - Sanitization: No validation or sanitization is performed on the data being documented, allowing malicious code comments or documentation content to influence the agent's behavior.
Recommendations
- AI detected serious security threats
Audit Metadata