readme-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious behaviors, unauthorized network access, or credential theft patterns were detected. The skill operates within its stated purpose of documentation generation.
- Indirect Prompt Injection (SAFE): The skill analyzes external project structures, presenting a minimal attack surface for indirect prompt injection. This is considered safe as the skill only processes metadata and does not execute untrusted code.
- Ingestion points: Project structure analysis (Step 1: Analyze Project).
- Boundary markers: Absent; the skill lacks specific delimiters to separate untrusted project data from instructions.
- Capability inventory: Reading project structure and writing/updating the README.md file.
- Sanitization: The skill specifically notes the exclusion of sensitive info such as .env values.
Audit Metadata