ln-140-test-docs-creator
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill automates the creation of testing strategy and organization documentation. It performs standard file system operations, such as creating directories and copying local templates to
docs/reference/guides/andtests/. No unauthorized network communication or remote code execution patterns were identified. - [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by reading data from project configuration files to auto-discover frameworks and runner commands. This is assessed as safe because the action is limited to generating Markdown documentation and does not involve executing the discovered strings. \n
- Ingestion points: Reads
package.json,requirements.txt, andgo.modto identify test frameworks and versions. \n - Boundary markers: Missing explicit delimiters or instructions to ignore embedded instructions in the interpolated project metadata. \n
- Capability inventory: Limited to file system operations (Edit tool) and directory scanning (Glob tool) for documentation purposes. \n
- Sanitization: Project metadata is used to populate documentation templates without explicit validation or escaping.
Audit Metadata