deepwiki
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill facilitates access to repository documentation via the deepwiki.com platform. This functionality is the primary intended use-case and aligns with the provided descriptions.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it retrieves and processes markdown content from an external website.
  * Ingestion points: Data enters the agent's context through the mcp__mcp_deepwiki__deepwiki_fetch tool as described in SKILL.md.
  * Boundary markers: There are no explicit instructions for the agent to treat the fetched content as untrusted or to use delimiters.
  * Capability inventory: The skill is primarily designed for data retrieval; no autonomous command execution or system modification capabilities are defined in the skill documentation.
  * Sanitization: The instructions do not specify any filtering or sanitization of the fetched markdown before the agent reads it.
Audit Metadata