technical-doc-creator
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow where untrusted user input (API endpoints and system details) is interpolated into HTML templates and written to a local file. This creates an indirect injection surface. • Ingestion points: User-provided technical documentation requests in SKILL.md. • Boundary markers: Absent; no specific delimiters or instructions to ignore embedded commands in the source data. • Capability inventory: File system write access to create HTML documentation files. • Sanitization: No explicit escaping or validation of user-provided content is required by the instructions.
- [NO_CODE]: The skill contains no executable scripts or binary files, consisting solely of documentation guidelines, CSS patterns, and HTML templates.
Audit Metadata