tl-docs-create
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious patterns or bypass instructions were detected. The skill has an inherent attack surface for indirect prompt injection given its purpose.
- Ingestion points: Reads project manifests, script headers, and config files (e.g., package.json, .env.example).
- Boundary markers: None explicitly defined for untrusted data interpolation.
- Capability inventory: Writes documentation files and executes local validation tools (e.g., pnpm lint).
- Sanitization: Applies standard markdown formatting and writing guidelines.
- [DATA_EXFILTRATION]: No exfiltration or exposure of sensitive data was found. Data ingestion is restricted to public configuration and source documentation headers.
- [REMOTE_CODE_EXECUTION]: No remote code execution or suspicious external downloads from unknown sources were identified.
- [COMMAND_EXECUTION]: The skill recommends standard local commands for project maintenance and verification tasks.
Audit Metadata