contributor-guide-writer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted project metadata which creates an indirect prompt injection surface.
- Ingestion points: Inspects files such as package.json, go.mod, and requirements.txt as specified in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions to ignore instructions found in source files.
- Capability inventory: The skill is limited to reading local files and generating markdown text.
- Sanitization: No validation or sanitization of source file content is performed.
- [NO_CODE]: This skill consists of instructions and templates with no executable code.
Audit Metadata