docs-sync
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Safe (SAFE): No malicious patterns or security risks detected. The skill's behavior is consistent with its stated purpose of documentation management.
- Indirect Prompt Injection (SAFE): The skill has a natural attack surface as it ingests untrusted repository content (code diffs and documentation files). However, this is inherent to its primary function and contains no exploitable capabilities beyond documentation editing. Evidence: 1. Ingestion points: git diff output and repository files (README.md, docs/). 2. Boundary markers: Absent. 3. Capability inventory: File-write (documentation updates) and local command execution (git diff, repo-native linting). 4. Sanitization: Absent.
Audit Metadata