wiki-architect
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution] (SAFE): The skill executes
git remote get-url originandgit rev-parse --abbrev-ref HEADto resolve repository context. These are read-only operations necessary for the primary purpose of documentation generation. - [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from repository files to generate documentation structures.
- Ingestion points: Reads
README.md, file tree structure, and source code files within the repository. - Boundary markers: Absent. The skill instructions do not provide delimiters or warnings to ignore instructions embedded within the codebase being analyzed.
- Capability inventory: The skill has the ability to execute
gitcommands and read file system contents. - Sanitization: Absent. Content from the files is interpolated into prompts without explicit sanitization or validation.
Audit Metadata