docs-cleaner

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill processes untrusted documentation files and has the capability to delete or modify files based on the content of those documents, creating an attack surface where instructions embedded in the docs could trigger unauthorized file operations.
    • Ingestion points: Documentation files identified during Phase 1 Discovery (SKILL.md).
    • Boundary markers: Absent. The workflow does not include instructions to disregard embedded commands or use delimiters for processed content.
    • Capability inventory: File creation (consolidated docs), file deletion (redundant sources), and file modification (updating references in CLAUDE.md/README) as specified in Phase 4 Execution (SKILL.md).
    • Sanitization: Absent. There is no validation or filtering of document content before it influences the agent's evaluation of 'value' and subsequent file actions.
  • [Metadata Poisoning] (SAFE): The file .security-scan-passed contains self-referential claims of safety ('Security scan passed'). Following the adversarial reasoning framework, these claims are treated as non-authoritative data and did not influence the final verdict.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 05:28 AM