init-agents-md
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's core functionality is limited to reading local codebase metadata and project configuration files to generate a documentation draft. It does not perform network requests or execute external scripts.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by ingesting data from arbitrary project files to generate instructions. However, this is mitigated by a mandatory human-in-the-loop review process.
  - Ingestion points: Reads various project files including package.json, pyproject.toml, README.md, and existing AGENTS.md (SKILL.md, Step 1).
  - Boundary markers: The instructions do not define specific markers to delimit ingested file content from the agent's task instructions.
  - Capability inventory: The skill utilizes codebase exploration and file-writing capabilities to generate project root documentation (SKILL.md, Steps 1 & 5).
  - Sanitization: No content validation is specified for ingested data, but the draft iteration phase (Step 4) requires explicit user approval before final file creation.
Audit Metadata