Skills
skills/tech-leads-club/agent-skills/docs-writer/Gen Agent Trust Hub

docs-writer

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external files within the packages/ and docs/ directories. Maliciously crafted content in these files could theoretically influence the agent's behavior.
  • Ingestion points: Files located in packages/ and docs/ directories.
  • Boundary markers: None identified in the skill instructions.
  • Capability inventory: File system modifications (replace, write_file) and execution of project scripts (npm run format).
  • Sanitization: No explicit sanitization or validation of the ingested content is performed.
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to propose the execution of npm run format. This executes a script defined in the local package.json file. While routine for formatting documentation, users should ensure that project-level scripts are trusted before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 01:22 AM