crafting-effective-readmes

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
      • Ingestion points: SKILL.md instructs the agent to read project files like package.json and source files to review documentation accuracy.
      • Boundary markers: There are no instructions provided to separate these ingested contents from the agent's internal logic or to treat them as untrusted.
      • Capability inventory: The skill provides documentation templates and advice but lacks direct execution capabilities or file-writing scripts.
      • Sanitization: No validation or sanitization of project data is implemented before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 01:53 AM