readmes
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): Potential attack surface for indirect prompt injection as the skill reads and processes the content of README.md files which may be influenced by external contributors.
- Ingestion points: reads content from
ideas/**/README.mdandCLAUDE.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are defined in the skill logic.
- Capability inventory: The skill possesses
Edit,Read,Glob, andGreptools, allowing it to modify files on the local filesystem. - Sanitization: No explicit sanitization or validation of the README content is performed before processing.
- [Privilege Escalation] (SAFE): The skill does not request or use elevated privileges (e.g., sudo) and operates within a restricted directory scope (
ideas/). - [Data Exfiltration] (SAFE): No network tools are included in the
allowed-toolslist, preventing data from being sent to external domains.
Audit Metadata