documentation
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): The instructions are focused on standard documentation tasks (READMEs, APIs, comments). No patterns of instruction override, jailbreaking, or system prompt extraction were found.
- INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to process untrusted data (source code and project files) to generate documentation. While this technically creates a surface where malicious code comments could influence the agent's output, the skill lacks high-risk capabilities like arbitrary command execution or network exfiltration in the provided instruction set.
- DATA_EXFILTRATION (SAFE): There are no network operations (curl, wget, etc.) or access to sensitive local file paths (SSH keys, credentials) identified in the instructions.
- NO_CODE (SAFE): The skill contains markdown instructions and examples but no executable scripts or automated logic that could be subverted for malicious use.
Audit Metadata