api-docs-generator
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function is to analyze existing source code and docstrings, which presents a surface for indirect prompt injection where malicious instructions in comments could influence agent behavior.
- Ingestion points: The agent is instructed to read current handler docstrings, OpenAPI metadata, and inline documentation (SKILL.md Phase 1).
- Boundary markers: The instructions do not define specific delimiters or instructions to isolate user data from the agent's internal logic.
- Capability inventory: The skill's capabilities are limited to producing text-based reports and documentation snippets; it has no file system access, network capabilities, or command execution.
- Sanitization: No input sanitization or validation of docstring content is mentioned in the workflow.
- [CREDENTIALS_UNSAFE]: Reference files include placeholder patterns for authentication tokens and API keys (e.g., 'sk_live_abc123...') used as illustrative examples for documentation formatting. These are properly contextualized as documentation templates and do not represent actual exposed credentials.
Audit Metadata