framework-docs-researcher
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content (documentation, GitHub issues, and library source code) which presents a surface for indirect prompt injection. Ingestion points: Official documentation via Context7 or web search, GitHub discussions, and local gem source files. Boundary markers: Not present. Capability inventory: File system navigation (Glob), content searching (Grep), file reading (Read), and shell execution for gem location. Sanitization: None specified for external content.
- [COMMAND_EXECUTION]: The skill permits the use of shell for the
bundle showcommand to locate installed gems when native tool equivalents are unavailable, restricted to one command at a time.
Audit Metadata