readme-updater
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns were found. The skill operates as intended by gathering project context from local metadata files (e.g., package.json, pyproject.toml) to update documentation.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified.
  - Ingestion points: Reads codebase files, test suites, and project metadata (SKILL.md, discovery_patterns.md).
  - Boundary markers: No delimiters or specific instructions are used to distinguish between codebase content and agent instructions.
  - Capability inventory: The agent has permissions to read workspace files and write to the README.md file.
  - Sanitization: No sanitization or filtering is applied to the data extracted from the project files.
  - Note: This represents an inherent surface for documentation skills, and no actual exploitation logic was found.