docs-boy

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from the local project codebase, which creates a potential surface for indirect prompt injection.
    • Ingestion points: According to SKILL.md, the agent is instructed to read various files including README.md, package.json, and the contents of the src/ or server/ directories during its investigation phase.
    • Boundary markers: The instructions do not define clear boundary markers or delimiters to separate ingested file content from the agent's core instructions.
    • Capability inventory: The skill workflow involves reading multiple files from the local filesystem and writing generated documentation to the /docs/ directory.
    • Sanitization: There is no evidence of sanitization or filtering to prevent the agent from potentially following instructions embedded in the project files being documented.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 10:45 AM