api-documentation-generator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external codebase data or API endpoints provided by the user, creating a surface for indirect prompt injection if the processed content contains malicious instructions intended to hijack the agent's behavior.
- Ingestion points: User-provided API codebase or endpoint description.
- Boundary markers: Absent. There are no explicit instructions to the agent to treat the input data as potentially untrusted or to use delimiters.
- Capability inventory: None. The skill defines instructions for documentation generation and does not execute subprocesses, perform network operations, or write to the filesystem.
- Sanitization: Absent. The skill does not include steps for validating or sanitizing the input data before processing.
Audit Metadata