kw-skill-docs
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill reads content from local SKILL.md files and includes it in a generated prompt. This creates a surface where a malicious skill in the local environment could influence the generated documentation. \n
- Ingestion points: Local skill definitions in ~/.claude/skills/. \n
- Capability inventory: Reading file metadata and generating text output. \n
- Boundary markers: Scanned content is interpolated into Step 5 without specific delimiters or isolation markers. \n
- Sanitization: No explicit sanitization of the contents read from SKILL.md files is performed. \n- [DATA_EXPOSURE]: The skill reads from the local ~/.claude/skills/ directory to gather metadata. This behavior is consistent with the skill's primary function of providing a system documentation overview.
Audit Metadata