project-doc-updater
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill accesses local project code and specification files in the
specs/directory to analyze implementation details. This access is confined to the project workspace and does not involve sensitive system paths, credentials, or network transmission.\n- [PROMPT_INJECTION]: The instructions focus on documentation consistency and do not contain patterns suggesting attempts to bypass safety filters, ignore prior instructions, or manipulate the agent's core safety constraints.\n- [INDIRECT_PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes codebase content and writes to project files.\n - Ingestion points: Reads the codebase and existing documentation in the
specs/directory.\n - Boundary markers: References
specs/GUARDRAILS.mdto guide its planning and management phase.\n - Capability inventory: Possesses the capability to modify documentation markdown files based on its analysis of the code.\n
- Sanitization: No explicit validation or sanitization is mentioned for content parsed from the codebase before it is written into documentation specs.
Audit Metadata