tech-docs-generator
Fail
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: HIGH (COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The 'Verification Gate' section explicitly instructs the agent to 'RUN any documented commands to confirm they work'. This creates a high-risk path for Remote Code Execution (RCE), as the agent may execute arbitrary and potentially malicious shell commands extracted from the codebase or generated documentation.
- [CREDENTIALS_UNSAFE]: Phase 1 instructions direct the agent to capture 'Env vars' and 'config files' during codebase analysis. This poses a significant risk of accidental exposure of secrets, API keys, or sensitive credentials within the final documentation output.
- [PROMPT_INJECTION]: The skill is highly susceptible to indirect prompt injection as it ingests and processes untrusted data (source code, READMEs, and comments) without boundary markers or sanitization. This is particularly dangerous when combined with the instructions to execute commands found within that data.
- [DATA_EXFILTRATION]: The skill captures internal infrastructure details including 'Database schemas' and 'Component hierarchy'. While intended for documentation, documenting these without strict filtering can lead to the exposure of internal system architecture and sensitive data relationships.
Recommendations
- AI detected serious security threats
Audit Metadata