llms-txt-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted local project data to generate its output, which could allow malicious content in documentation files to influence the agent's behavior during the generation process.
  - Ingestion points: The skill reads `README.md`, `package.json`, `pyproject.toml`, `Cargo.toml`, and various files within the `docs/` and `examples/` directories to gather project context.
  - Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings to isolate content read from files from the agent's core instructions.
  - Capability inventory: The skill uses file-system read operations to gather data and file-system write operations to generate the `llms.txt` and `llms-full.txt` files.
  - Sanitization: Absent. There are no instructions to sanitize, escape, or validate the content retrieved from project files before it is used to construct the final documentation.
- No Code (SAFE): This skill consists solely of markdown instructions and reference documents. It does not include any scripts, binaries, or automated dependency installations, which limits the attack surface to the prompt-interaction layer.
Audit Metadata