readme
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze project source code and external research data, creating a surface for indirect prompt injection. Malicious instructions embedded in the analyzed files or search results could potentially influence the agent's behavior during the documentation process.
- Ingestion points: Local project files (accessed via glob/grep) and external data from Exa or WebFetch research.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The skill utilizes file system tools including Read, Write, Edit, Grep, and Glob.
- Sanitization: No explicit content validation or sanitization steps are documented for handling untrusted input.
Audit Metadata