crafting-effective-readmes
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- General Security (SAFE): The skill consists entirely of instructional markdown and metadata. It lacks any functional code, script execution, or network capabilities.
- Indirect Prompt Injection (LOW):
- Ingestion points: The skill instructions suggest checking the 'actual project state' by reading files like
package.jsonand main project files. - Boundary markers: None specified for the data read from project files.
- Capability inventory: None. The skill only proposes text edits and does not have the ability to write files, execute commands, or send data over the network.
- Sanitization: None present; however, the lack of side-effect capabilities renders this surface negligible.
- Data Exposure (SAFE): No sensitive file paths, credentials, or exfiltration patterns were detected.
Audit Metadata