ln-120-reference-docs-creator
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Surface for indirect prompt injection through processed external data.
  - Ingestion points: Untrusted data enters via the context_store object (specifically TECH_STACK and DEPENDENCIES) and external research results gathered through MCP tools like mcp__Ref__ref_search_documentation and mcp__context7__get-library-docs.
  - Boundary markers: The skill utilizes rigid markdown templates and predefined structural headers (e.g., Context, Decision, Rationale) to isolate dynamic content from instructions.
  - Capability inventory: The skill possesses capabilities for reading/writing files using Edit/Glob tools and invoking MCP research tools for information retrieval.
  - Sanitization: Implements a MANDATORY NO_CODE_EXAMPLES rule that forbids generated code blocks exceeding 5 lines and applies validation heuristics based on questions.md to verify content integrity.
- [EXTERNAL_DOWNLOADS]: The diagram.html file includes a reference to the Mermaid.js library from the JSDelivr CDN. This is used solely for rendering a state diagram for the skill's workflow and represents a standard use of a well-known service for visualization purposes.