cs-libdoc
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local tools
validate-yaml.pyandsearch-yaml.pyfor syntax validation and metadata querying. These scripts are used within the scope of documentation management and do not involve unauthorized system access. - [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes source code to extract API details.
- Ingestion points: Reads source code files from the
source_rootand those listed insource_filesduring the generation phase. - Boundary markers: The instructions do not define specific delimiters or instructions to disregard content within code comments or strings.
- Capability inventory: The skill can read local source files, write documentation to the
docs/api/directory, and execute local Python validation scripts. - Sanitization: There is no mention of sanitizing or escaping content extracted from source files before it is processed by the AI.
Audit Metadata