mf-docs
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats were identified. The skill interacts exclusively with 'module-federation.io', which is the official domain of the skill author and a well-known technology service. No unauthorized network activity or data access was found.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes documentation content from an external source.\n
- Ingestion points: Documentation is fetched via WebFetch from 'https://module-federation.io/llms.txt' and its sub-pages (SKILL.md).\n
- Boundary markers: The instructions do not define specific delimiters to isolate the external documentation from system instructions.\n
- Capability inventory: The skill is limited to documentation retrieval and does not have access to sensitive capabilities such as command execution, file system modification, or non-whitelisted network communication.\n
- Sanitization: There is no explicit sanitization of the documentation content before it is processed by the agent. However, the risk is negligible given the source is the vendor's own verified documentation.
Audit Metadata