generate-agent-instructions
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill contains a directive to 'completely ignore the CLAUDE.md file'. Instructions to 'ignore' or 'disregard' specific content are patterns used to override agent behavior, though in this case it is task-specific.
- [INDIRECT_PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing untrusted data to generate instructions. Ingestion points: The agent performs a deep dive into the local codebase. Boundary markers: None provided; the skill lacks delimiters to separate analyzed data from instructions. Capability inventory: Reads all codebase files and writes/updates the 'AGENTS.md' file. Sanitization: No validation or sanitization of the extracted content is performed before it is written to the documentation.
Audit Metadata