docs-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of instructional markdown and reference files with no executable components or malicious patterns.
- [CREDENTIALS_UNSAFE] (SAFE): While the references mention API keys and tokens, these are used as regex patterns for a validation tool designed to protect users by identifying secrets in documentation drafts.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data (user code and documents), presenting a surface for indirect prompt injection; however, because the skill lacks high-risk capabilities like code execution or outbound networking, the risk is minimal.
- [REMOTE_CODE_EXECUTION] (SAFE): Documentation templates include pip installation examples for user education, but the skill itself does not perform any package installations or remote script executions.
Audit Metadata