framework-docs-researcher
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process documentation and technical data from external sources such as web search results and GitHub repositories, which creates a surface for indirect prompt injection. * Ingestion points: Documentation fetched via Context7, web search results, and GitHub issue/PR content (SKILL.md). * Boundary markers: The instructions do not specify the use of delimiters or explicit 'ignore' instructions when processing external content. * Capability inventory: The agent has the ability to execute shell commands (bundle show) and read local files. * Sanitization: There is no mention of filtering or sanitizing fetched content before processing.
- [COMMAND_EXECUTION]: The skill instructs the agent to use the 'bundle show <gem_name>' command to locate the local file system path of installed libraries for source code analysis. This is a routine introspection task in software development workflows.
Audit Metadata