enterprise-security
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The skill utilizes strong directives such as 'MANDATORY' and 'STOP' to enforce a specific documentation-first workflow for the agent. While intended for accuracy, these are classified as low-severity instructional overrides.
- Indirect Prompt Injection (LOW): A vulnerability surface exists due to the ingestion of external data. 1. Ingestion points: Documentation fetched via the docs-management skill. 2. Boundary markers: Absent; the skill does not use delimiters to wrap tool output. 3. Capability inventory: The agent has access to Read, Glob, Grep, and Skill tools when processing this data. 4. Sanitization: No sanitization or verification of the fetched content is performed within this skill's logic.
Audit Metadata