documentation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes common shell commands such as git, find, grep, and stat to audit project structure and manage documentation files. These operations are limited to the local environment and standard development workflows.
- [EXTERNAL_DOWNLOADS] (LOW): The script automatically attempts to install the lychee link-checker via 'brew install lychee' if it is not found on the system. While Homebrew is a trusted package manager, automatic installation of binaries is a behavior that should be monitored.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection. It reads untrusted repository content (READMEs, source code) and interpolates it into prompts for the codex agent to generate new documentation. Evidence Chain: 1. Ingestion points: README.md, package.json, and source files (*.ts, *.js). 2. Boundary markers: Absent. 3. Capability inventory: File writing via codex exec, directory creation, and branch manipulation via git. 4. Sanitization: Absent.
- [DATA_EXFILTRATION] (SAFE): The skill scans for environment variable usage (process.env) to generate a .env.example file. It only identifies variable names and does not access or exfiltrate the actual values.
Audit Metadata