api-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill analyzes external Python source code which could contain malicious instructions designed to influence the agent's behavior during documentation generation.
- Ingestion points: Target FastAPI route files and project directories provided by the user via @path syntax or natural language globbing.
- Boundary markers: Absent. The skill reads the full content of target files and traces through call stacks without applying specific delimiters or 'ignore' instructions for data processed as code.
- Capability inventory: File system read and write access, deep call stack tracing (up to 5 levels) across multiple files, and interaction with project dependencies.
- Sanitization: Absent. There is no validation or sanitization of content found in the code comments or docstrings being analyzed.
Audit Metadata