readme
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to access and explore highly sensitive file paths to understand the project configuration. These include config/master.key, config/credentials.yml.enc, and environment variable files like .env.example or .env. Reading the Rails master key or active environment secrets brings the application's full production credentials into the agent's context, creating a significant data exposure risk.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it performs 'Deep Codebase Exploration' by reading arbitrary files from the project root. A malicious file within the codebase (e.g., a README, schema file, or code comment) could contain hidden instructions that manipulate the agent's behavior during the generation process.
  - Ingestion points: Root directory structure, configuration files (config/*.rb, .env), database schemas (db/schema.rb), and dependency manifests (Gemfile, package.json).
  - Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in the files it reads.
  - Capability inventory: File-write access to create README.md in the project root.
  - Sanitization: Absent; codebase content is processed directly to generate documentation templates.
Audit Metadata