project-agent-docs
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads external data (project specification files) and uses it to generate instructions for subsequent AI agent sessions.
- Ingestion points: Local files located in the
specs/directory as described in the workflow section of SKILL.md. - Boundary markers: No specific delimiters or instructions are used to prevent the agent from obeying commands that might be hidden inside the ingested documentation files.
- Capability inventory: The agent can write a new instruction file (
AGENT.md) to the project root as specified in the workflow. - Sanitization: There is no evidence of filtering or sanitizing the input data from the specification files before it is processed into the navigation guide.
Audit Metadata