tl-docs-audit
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the codebase to generate documentation sync reports and implement fixes.
- Ingestion points: The skill reads content from across the entire codebase, including the src/, config/, and docs/ directories during Phase 1 (Feature Inventory) and Phase 2 (Doc-First Pass).
- Boundary markers: The instructions lack explicit boundary markers or warnings to the agent to ignore natural-language instructions that might be embedded within the source code or existing documentation files being audited.
- Capability inventory: The skill has the capability to write to the filesystem. Phase 5 (Optional Fixes) instructs the agent to 'implement proposed edits' and 'Use tl-docs-create writing standards', allowing the agent to modify project files based on its analysis.
- Sanitization: There is no mention of sanitizing or escaping the content retrieved from the codebase before it is used to influence the agent's output or file-writing operations.
Audit Metadata