fumadocs
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate technical documentation and workflow instructions for the Fumadocs framework.
- [SAFE]: All file operations and configurations are confined to standard documentation paths (e.g., web/src/content/docs/) and do not access sensitive system files.
- [SAFE]: Referenced dependencies such as fumadocs-ui and fumadocs-core are official libraries for the framework.
- [PROMPT_INJECTION]: The skill's primary function involves processing markdown content from the project's documentation directory, which establishes an indirect prompt injection surface.
- Ingestion points: Markdown content and frontmatter from files in
web/src/content/docs/discovered viaimport.meta.glob. - Boundary markers: Frontmatter is delimited using standard triple-dash (
---) markers. - Capability inventory: The agent is tasked with reading, creating, and modifying local project files (markdown, JSON, TypeScript, CSS).
- Sanitization: The framework uses
remark-gfmandrehype-highlightfor parsing and rendering content.
Audit Metadata