code-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted codebase files to generate summaries and diagrams.
  - Ingestion points: The agent reads source code (Go, TypeScript, React), Docker configs, and database schemas from the target directory to extract documentation details.
  - Boundary markers: The skill mandates the use of structured YAML frontmatter, Markdown tables for file listings, and specific Mermaid blocks for diagrams, which help define content boundaries.
  - Capability inventory: The agent requires permissions to read files within the codebase and write/modify README.md files to perform the documentation tasks.
  - Sanitization: The instructions do not include steps for sanitizing or escaping content extracted from source files, which could potentially contain malicious instructions meant to influence the agent's output.
Audit Metadata