full-stack-doc
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): The skill consists entirely of Markdown templates and does not include any scripts (Python, JS, Shell) or package dependency files.
- Category 2: Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were detected. External links point to reputable documentation sites (GitHub, Atlassian).
- Category 8: Indirect Prompt Injection (LOW):
- Ingestion points: User-provided project names and product details are interpolated into template placeholders.
- Boundary markers: None present in the prompt instructions.
- Capability inventory: None. The skill only performs text generation/formatting.
- Sanitization: None detected. However, because the skill has no actionable capabilities (no file writing, no shell execution, no networking), the risk is negligible.
- Category 7: Metadata Poisoning (SAFE): The metadata fields (name, description) accurately reflect the skill's purpose without deceptive instructions.
Audit Metadata