wiki-onboarding
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of markdown instructions for generating project documentation. It contains no executable scripts or system commands.
- [DATA_EXPOSURE]: The skill analyzes standard manifest files like package.json and Cargo.toml for language identification. No sensitive file access or credential extraction patterns are present.
- [INDIRECT_PROMPT_INJECTION]: The skill reads codebase content to generate summaries. 1. Ingestion points: The entire codebase is analyzed by the agent (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are defined. 3. Capability inventory: No dangerous capabilities (subprocess, file-write, network) are present in the skill instructions. 4. Sanitization: No input validation is performed on the ingested code content.
Audit Metadata