readme-updater

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [No Executable Code] (INFO): The provided file contains only markdown documentation and metadata. There are no scripts or configuration files that execute logic.
  • [Prompt Injection] (LOW): The skill describes a workflow that ingests untrusted data (source code) to generate file writes (README.md). This creates a surface for indirect prompt injection where malicious instructions embedded in code comments could potentially influence the agent's output.
      • Ingestion points: Project source code and directory structure.
      • Boundary markers: None specified in the instructions.
      • Capability inventory: Writing to the project's README.md file.
      • Sanitization: No explicit sanitization or filtering of the source code content is described.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 12:51 PM