index
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by ingesting directory index and prompt files to provide context to the agent. \n- Ingestion points: The skill reads documentation from _index.md, _index.yaml, _index.json, and _prompt.md files within project directories. \n- Boundary markers: No specific delimiters or instructions to ignore nested commands within these documentation files are mentioned. \n- Capability inventory: The skill can execute local npm scripts, perform file system writes, and traverse directory structures. \n- Sanitization: There is no documentation of validation or filtering for instructions embedded within the index files. \n- [COMMAND_EXECUTION]: The skill relies on extensive use of npm run CLI commands (e.g., index:create, index:validate, index:generate) to automate directory maintenance and documentation generation, which involves executing scripts defined in the project environment.
Audit Metadata