analyze-project
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads content from user-controlled files like README.md and configuration files. This data is used to generate documentation without explicit boundary markers or sanitization, potentially allowing malicious instructions within the codebase to influence the agent's output. * Ingestion points: Reads various project files including README.md and config files (SKILL.md, Step 4). * Boundary markers: Absent; no specific instructions provided to the agent to ignore instructions within the read files. * Capability inventory: Writes markdown files to the filesystem (SKILL.md, Step 7). * Sanitization: Absent; the skill does not specify any validation or filtering of the content read from files.
- [COMMAND_EXECUTION]: Executes standard git commands (
git rev-parse,git diff,git status) to determine if existing documentation is stale. This is a legitimate use of local tooling for state management.
Audit Metadata