documentation-lookup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- General Security (SAFE): No direct malicious patterns, obfuscation, or unauthorized data access were detected in the skill definition.
- Indirect Prompt Injection (LOW): The skill exposes a surface for indirect prompt injection. 1. Ingestion points: Untrusted content is retrieved from external documentation sources via the query-docs tool. 2. Boundary markers: The skill does not define delimiters or warnings to isolate documentation content from instructions. 3. Capability inventory: The skill is limited to informational tool calls and does not have access to high-privilege operations like shell execution. 4. Sanitization: The skill does not perform any sanitization or validation of the documentation content before it is incorporated into the agent's response context.
Audit Metadata