docs-sync
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted metadata and descriptions from files in the repository to update documentation, creating a vulnerability surface.\n
- Ingestion points: .claude/skills/SKILL.md, .claude/agents/.md, and .claude/commands/.md.\n
- Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded prompts when processing external file content.\n
- Capability inventory: Extensive file system modification (Write/Edit), Bash execution (find/grep), and file reading.\n
- Sanitization: Absent; no escaping or validation of extracted strings is performed before they are interpolated into documentation files.
Audit Metadata