create-copilot-instructions
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious instructions designed to bypass safety filters or override agent constraints were detected.- [DATA_EXFILTRATION]: The skill accesses official GitHub documentation and reads local files within the project directory to perform its function. No sensitive data is transmitted to unauthorized external domains.- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted local data (existing instructions and codebase) to generate new instructions. While this creates a potential surface for indirect injection, it is managed as part of the core functionality of a documentation generation tool and carries low risk in a local development context.- [COMMAND_EXECUTION]: No shell commands, subprocess calls, or script executions were found in the skill's logic.- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote code from external sources.
Audit Metadata