document
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to scan the target filesystem for existing documentation and to analyze project structure, which is consistent with its primary documentation purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted project files.
  1. Ingestion points: File content is read via Glob, Grep, and Read tools based on user-provided directory or file arguments.
  2. Boundary markers: No specific delimiters are implemented to isolate ingested code from agent instructions when delegating to sub-agents.
  3. Capability inventory: The skill can execute Bash commands and modify files via Write and Edit tools.
  4. Sanitization: There is no explicit sanitization or validation of file content before it is processed by the orchestration logic.
Audit Metadata