agents-md-generator

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted repository files to generate guidance for agents, creating an opportunity for indirect prompt injection where adversarial content in documentation could influence future agent behavior.
      • Ingestion points: The skill reads various repository files including README.md, CLAUDE.md, CONTRIBUTING.md, and CI workflows (as specified in SKILL.md and references/inspection-and-content-checklist.md).
      • Boundary markers: The instructions do not specify the use of delimiters or protective headers to isolate the content of the files being processed from the agent's internal instructions.
      • Capability inventory: The skill utilizes file reading and writing tools to inspect the environment and produce the AGENTS.md file.
      • Sanitization: No sanitization or validation steps are described to filter or escape instructions found within the repository's documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 07:54 AM