agentic-docs
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface.
  - Ingestion points: The skill reads external source code to generate documentation comments.
  - Boundary markers: No explicit delimiters or boundary instructions are provided for input code.
  - Capability inventory: Limited to text generation; no instructions for command execution or network access are present.
  - Sanitization: No sanitization of input code is defined.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access or network communication patterns found.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions detected.
- [Obfuscation] (SAFE): No hidden or encoded content detected.
Audit Metadata