Skills
skills/smartworkx/dev-context/create-doc/Gen Agent Trust Hub

create-doc

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads context from codebase files to perform its tasks.
  • Ingestion points: Uses Read, Grep, and Glob to examine local files like CLAUDE.md and other source files for project conventions and context.
  • Boundary markers: No instructions are provided to isolate potential commands or instructions found within the analyzed files from the agent's system prompt.
  • Capability inventory: The skill has access to the Bash and Write tools, which could be misused if the agent inadvertently follows instructions embedded in the codebase.
  • Sanitization: The skill does not sanitize or validate the content of the files it reads before processing them as context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 04:03 AM