agents-md
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill processes frontmatter from local SKILL.md files to generate documentation summaries. Ingestion points: Locates files via 'find .claude/skills' and 'ls plugins//skills//SKILL.md'. Boundary markers: No delimiters or instructions are used to prevent the agent from obeying instructions embedded in the discovered files. Capability inventory: Includes filesystem read (find/ls), file write (AGENTS.md), and symlink creation (ln -s). Sanitization: No validation or escaping is applied to the content read from discovered skills.
Audit Metadata