generate-agents-md
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Category: PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill processes untrusted content from the local filesystem to generate documentation.
  * Ingestion points: Processes files such as .cursor/rules/, CLAUDE.md, package.json, Cargo.toml, and existing AGENTS.md files.
  * Boundary markers: No markers or delimiters are defined to separate untrusted file content from the agent's instructions.
  * Capability inventory: The skill has the authority to write files (AGENTS.md) to the repository root.
  * Sanitization: There is no logic provided to sanitize or filter instructions that might be embedded within the project files being analyzed. An attacker could place malicious instructions in these files to hijack the agent's output or subsequent actions.
Recommendations
- AI detected serious security threats
Audit Metadata