create-agents-md
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to manage documentation in
AGENTS.mdandCLAUDE.md. It performs file read/write operations within the project root to synchronize style guide content.- [DATA_EXPOSURE]: The skill scans for common configuration files (e.g.,package.json,pyproject.toml,Cargo.toml) to identify the project's programming languages. This metadata is used locally to select appropriate style guides and is not transmitted externally.- [EXTERNAL_DOWNLOADS]: The skill references a GitHub repository (github.com/gemini-cli-extensions/conductor) for attribution in the generated documentation. However, it does not perform any network downloads; the style guide content is sourced from local Markdown files provided within the skill'sreferences/directory.- [INDIRECT_PROMPT_INJECTION]: The skill modifiesAGENTS.mdbased on existing content. It uses specific HTML comments (<!-- create-agents-md:code-styleguides:start -->) as boundary markers to safely identify and replace its own generated sections. Furthermore, the skill requires explicit user confirmation before applying any changes to the filesystem, providing a manual verification step.
Audit Metadata