Skills
skills/oliver-kriska/claude-elixir-phoenix/hexdocs-fetcher/Gen Agent Trust Hub

hexdocs-fetcher

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill fetches content from https://hexdocs.pm, which is a well-known technology service hosting official Elixir documentation. These network operations are standard for documentation retrieval.
  • [COMMAND_EXECUTION]: The skill uses the Write tool to save research results to the .claude/plans/ directory. This activity is restricted to the agent's project workspace and does not target sensitive system configuration files or directories.
  • [PROMPT_INJECTION]: The skill processes external content from documentation pages, which introduces an indirect prompt injection surface.
  • Ingestion points: Untrusted content from hexdocs.pm via the WebFetch tool.
  • Boundary markers: Not explicitly defined; the skill relies on natural language prompts to guide extraction.
  • Capability inventory: Includes WebFetch (network read), Write (file write), and Tidewave MCP tool access.
  • Sanitization: No specific content sanitization or instruction filtering is implemented for the fetched documentation content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:01 AM