doc-architect
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by scanning and processing unverified project files to generate documentation.
- Ingestion points: The agent scans the workspace root and documentation directories for identifiers like README.md, package.json, and PROJECT_BRIEF as defined in SKILL.md and protocols/workflow.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used in the documentation templates to isolate content ingested from the workspace.
- Capability inventory: The agent performs file system reads and writes to analyze project structure and create documentation files such as AGENTS.md and INDEX.md.
- Sanitization: Metadata and content extracted from the project are interpolated into templates without validation or sanitization, which could lead to the agent following malicious instructions embedded in the project files.
Audit Metadata