feature-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown instructions and does not include any executable scripts or binary files.
- [PROMPT_INJECTION]: The skill processes untrusted data from the codebase being documented, creating a surface for indirect prompt injection. However, the risk is negligible due to the absence of network access or system-level command execution capabilities.
- Ingestion points: Reads source code files and configuration files (e.g., package.json, go.mod) from the local directory.
- Boundary markers: No explicit delimiters are used to isolate codebase content from the agent's internal instructions.
- Capability inventory: Limited to file system read operations and writing markdown files to the 'codeWiki/' directory.
- Sanitization: No sanitization of the analyzed codebase content is performed before generating documentation output.
Audit Metadata