wiki-page-writer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill is designed to process untrusted source code files to generate documentation, which is a potential surface for indirect prompt injection via code comments.
- Ingestion points: Local source code files as specified in the 'Procedure' section of SKILL.md.
- Boundary markers: Absent; the agent is not explicitly told to ignore instructions embedded in the analyzed code.
- Capability inventory: The skill lacks capabilities for network access, file writing, or subprocess execution, meaning any successful injection would have no side effects beyond altering the generated text.
- Sanitization: No content filtering is applied to the analyzed source code.
- [Data Exposure & Exfiltration] (SAFE): While the skill reads source code, it does not access sensitive system paths (like SSH keys or credentials) and has no network capability to exfiltrate data.
- [Remote Code Execution] (SAFE): No patterns for remote code execution, package installation, or dynamic script execution were detected.
Audit Metadata