investigate-create-doc
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during the exploration of the codebase. \n
- Ingestion points: Codebase content is read and processed in Phase 4 ('Investigate Each Area') by subagents. \n
- Boundary markers: The subagent prompt template interpolates investigation questions directly with codebase context without using specific boundary markers or 'ignore embedded instructions' warnings. \n
- Capability inventory: The skill uses the 'Task' tool to spawn subagents which have the ability to read the filesystem and write markdown documentation to the 'docs/' directory. \n
- Sanitization: There is no evidence of sanitization, escaping, or validation of the data read from the codebase before it is used by subagents or included in documentation. \n- [COMMAND_EXECUTION]: To fulfill the investigation requirements (tracing dependencies, finding consumers), the skill relies on the agent's ability to execute search commands and file system operations.
Audit Metadata