agents-md
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to create a symbolic link using
ln -s AGENTS.md CLAUDE.md. This is a standard file system operation consistent with the skill's purpose of managing project documentation.- [DATA_EXPOSURE]: The skill analyzes local project configuration files (e.g., package.json, linter configs, lock files) to extract relevant metadata for documentation. This analysis is limited to non-sensitive project structure information.- [PROMPT_INJECTION]: Indirect prompt injection risk was evaluated. The skill ingests untrusted data from local project files (e.g., README.md, Makefile, CONTRIBUTING.md) to generate summary documentation. While it lacks explicit boundary markers or sanitization for this ingestion, its capabilities are restricted to documentation writing and symlink creation, presenting a negligible security risk.
Audit Metadata