agents-md-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is entirely composed of Markdown instructions and templates. It does not include Python scripts, Node.js packages, or shell commands to be executed on the host system.
- [PROMPT_INJECTION] (LOW): The skill has an attack surface for indirect prompt injection as it processes untrusted codebase data during the analysis phase.
- Ingestion points: The 'Phase 1: Repository Analysis' step instructs the agent to read file structures, tech stacks, and patterns from the codebase.
- Boundary markers: There are no instructions defining delimiters (e.g., XML tags or triple quotes) to separate the untrusted codebase content from the agent's task instructions.
- Capability inventory: The skill only generates documentation text and does not possess capabilities for network access, arbitrary file writing, or command execution.
- Sanitization: The skill does not provide instructions for escaping or filtering malicious content found within the analyzed files.
- [SAFE] (SAFE): The skill incorporates security best practices by including explicit warnings in its templates against committing API keys, tokens, or PII.
Audit Metadata