listing-docs
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted documentation files which may contain instructions intended to bypass agent constraints through indirect prompt injection.\n- Ingestion points: The
scripts/list_docs.pyscript reads any.mdfile found in the target directory (defaulting todocs/).\n- Boundary markers: The script outputs the parsed summaries without using delimiters or protective instructions to separate document content from agent instructions.\n- Capability inventory: The script is limited to file reading and standard output; it does not possess network access, file writing permissions, or the ability to execute subprocesses.\n- Sanitization: There is no sanitization or filtering of the content extracted from the YAML front-matter of the documentation files.
Audit Metadata