configure-readme
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs dynamic context injection (
!command) and theBashtool to perform local project discovery tasks, such as identifying the working directory and locating package manifests. These commands are used for environmental awareness and are not used for privileged or network-based operations.\n- [PROMPT_INJECTION]: The skill processes untrusted content from local project files, which establishes an indirect prompt injection surface.\n - Ingestion points: Project metadata is extracted from files including
package.json,pyproject.toml,Cargo.toml,go.mod, and the existingREADME.md(as described inSKILL.md).\n - Boundary markers: The instructions lack explicit delimiters or instructions to ignore potential commands hidden within the ingested file content.\n
- Capability inventory: The skill possesses the capability to write to the filesystem (
Write) and execute shell commands (Bash).\n - Sanitization: No sanitization or verification of the content extracted from external project files is specified before it is used to generate the updated README.
Audit Metadata