docs-generator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection vulnerability surfaces.
- Ingestion points: Analyzes project files, source code architecture, and existing documentation to determine project type and personas (SKILL.md, Step 1).
- Boundary markers: No delimiters or instructions to ignore embedded commands within the analyzed project files are defined in the workflow.
- Capability inventory: The skill has permissions to create git branches and perform extensive file write operations within the repository (SKILL.md, Step 0 and 2).
- Sanitization: No sanitization or content validation is performed on the data ingested from the project files before processing.
- [COMMAND_EXECUTION]: The skill executes system commands for repository management.
- Evidence: The workflow explicitly requires checking the current branch status and executing git commands to create and switch to new feature branches (SKILL.md, Step 0).
Audit Metadata