railway-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill instructs the agent to fetch documentation from external URLs, which constitutes an indirect prompt injection surface. 1. Ingestion points: URLs listed in SKILL.md. 2. Boundary markers: None specified in the instructions. 3. Capability inventory: The skill enables the agent to answer questions and provide configuration guidance based on external data. 4. Sanitization: No sanitization or validation of the fetched content is specified.
- EXTERNAL_DOWNLOADS (SAFE): All external sources point to official and reputable Railway domains including railway.com and docs.railway.com.
- NO_CODE (SAFE): The skill is composed entirely of Markdown documentation files and does not contain any scripts, binaries, or automated execution steps.
Audit Metadata