doc-generator
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data (source code and comments) to generate documentation.\n
- Ingestion points: Untrusted data enters the agent context via the Read, Glob, and Grep tools used to analyze project files as described in the execution process.\n
- Boundary markers: The skill does not define explicit delimiters or instructions to the model to ignore embedded commands within the files being processed.\n
- Capability inventory: The skill utilizes the Write tool to create or update files, providing a potential impact surface if an injection attack successfully redirects agent behavior.\n
- Sanitization: The provided hook scripts (pre-execute.cjs and post-execute.cjs) do not contain logic to sanitize or validate the content extracted from the analyzed source files.
Audit Metadata