ln-610-docs-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to create date-stamped output directories for audit results. These operations are confined to the local filesystem using internally generated paths and represent standard organizational functionality.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it ingests untrusted project documentation and configuration files for analysis. 1. Ingestion points: Reads CLAUDE.md, markdown documents (.md), and package manifests (package.json, requirements.txt, go.mod, Cargo.toml) to identify project metadata and target audit documents. 2. Boundary markers: None; data is collected into a contextStore shared with worker skills. 3. Capability inventory: Uses Bash, Grep, Glob, and Read tools for file discovery and data aggregation. 4. Sanitization: No content filtering or specific instruction scrubbing is implemented. These operations are associated with the skill's primary purpose of documentation auditing and do not represent a malicious intent.
Audit Metadata