docs-architect
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because its core function involves ingesting and analyzing untrusted data (local codebase files).
- Ingestion points: The 'Documentation Process' and 'Core Competencies' sections explicitly direct the agent to 'Analyze codebase structure', 'Identify key components', and 'Extract design patterns'.
- Boundary markers: The instructions do not define any delimiters or system-level constraints to treat the codebase content as data rather than instructions.
- Capability inventory: The skill focuses on generating Markdown documentation and does not define any dangerous capabilities such as network access, shell execution, or file writing.
- Sanitization: No escaping or sanitization logic is provided to ensure that strings or comments extracted from the code are handled safely within the generated output.
- [NO_CODE]: This skill consists entirely of instructional Markdown and metadata. It does not include any accompanying scripts (Python, Node.js), executables, or configuration files that would perform operations outside of the LLM's standard reasoning and tool-use capabilities.
Audit Metadata