init-docs

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell-like commands such as mkdir -p docs to initialize the project directory structure. This is a standard operation for a documentation tool.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when using the --scan mode.
      • Ingestion points: Reads local Java controller files using the glob pattern ruoyi-modules/ruoyi-*/src/main/java/**/controller/*Controller.java to extract information for documentation.
      • Boundary markers: None present to distinguish between legitimate code and potentially malicious instructions hidden in code comments.
      • Capability inventory: Directory creation (mkdir), file reading, and file writing (Markdown generation).
      • Sanitization: No explicit sanitization or filtering of the content read from source files before it is used to generate documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 09:04 AM