audit
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from the project being audited.
- Ingestion points: In Step 2 and Step 3, the skill reads all markdown files in the
docs/directory, the rootREADME.md, and the project's codebase (exported functions, classes, and features). - Boundary markers: The instructions do not define boundary markers or delimiters to separate audited content from the agent's internal logic, nor do they instruct the agent to ignore embedded instructions within the source files.
- Capability inventory: The skill has the capability to write a findings report (
audit-report.md) to the file system (Step 6) and modify existing documentation files to apply fixes (Step 8). - Sanitization: There is no evidence of sanitization or validation of the ingested content before it is used to generate reports or modify files, meaning malicious content in the audited files could lead to misleading reports or incorrect documentation edits.
Audit Metadata