Skills
skills/saeed-vayghan/gemini-agent-skills/documentation-engineer/Gen Agent Trust Hub

documentation-engineer

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill does not contain any executable scripts, binaries, or active code files. Its content is limited to instructional Markdown and static JSON assets, which minimizes the risk of direct malicious code execution.- [PROMPT_INJECTION]: The workflow involves the ingestion of untrusted external data, presenting a surface for indirect prompt injection.
  • Ingestion points: SKILL.md instructs the agent to review existing documentation, APIs, and developer workflows which are external to the skill.
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or warnings to ignore embedded instructions in the ingested content.
  • Capability inventory: The skill is designed to have the agent write files and potentially modify configurations based on the processed data.
  • Sanitization: Absent; there is no mention of filtering or validating the content extracted from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 12:27 AM