project-docs
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is susceptible to indirect prompt injection as its core function involves processing untrusted external content.\n
- Ingestion points: Ingests code changes and documentation files for processing via the
docs-excellence-architectsubagent (specified in SKILL.md).\n - Boundary markers: Absent. The example prompt does not include delimiters to separate instructions from untrusted input data.\n
- Capability inventory: The subagent is instructed to update or propose updates to project files (README.md, guides, etc.), which represents a file-modification capability.\n
- Sanitization: No evidence of sanitization or validation of the input content is provided.\n- [No Code] (LOW): The skill consists entirely of markdown instructions and does not include any executable scripts, binaries, or package dependencies.
Recommendations
- AI detected serious security threats
Audit Metadata