agent-docs-api-openapi
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes pre-execution and post-execution hooks to run local shell commands like
findandgrepfor discovering route files and validating generated documentation. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted source data to fulfill its primary purpose.
- Ingestion points: The skill reads application source code files including
*.route.js,*.controller.js, androutes.js(referenced in SKILL.md hooks). - Boundary markers: There are no defined boundary markers or instructions to ignore malicious prompts embedded within the source files being documented.
- Capability inventory: The skill has high-privilege file system access through
Read,Write,Edit, andMultiEdittools. - Sanitization: No sanitization or content filtering is applied to the ingested source code before it is processed by the agent.
- [DATA_EXFILTRATION]: The skill accesses sensitive application source code (controllers and routes). While this is intended for documentation, it involves processing the internal logic of the application. The skill mitigates risk by explicitly forbidding access to
secrets/**and.git/**directories.
Audit Metadata