codebase-documenter
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is intended to process and document external codebases, which creates an inherent surface for indirect prompt injection. If the source files being documented contain malicious instructions embedded in comments or documentation strings, the agent could potentially follow those instructions.
- Ingestion points: The skill workflow involves analyzing project entry points, dependencies, core concepts, and configuration files (documented in SKILL.md).
- Boundary markers: The provided templates and logic do not include specific delimiters or 'ignore' instructions to isolate untrusted code content from the agent's primary instructions.
- Capability inventory: The index.js file is currently a placeholder with no active capabilities, but the skill is designed to be used by an agent with the ability to read and write files within a project directory.
- Sanitization: No sanitization, validation, or filtering logic is present to process ingested codebase content before it is used to generate documentation.
Audit Metadata