docs-writer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is composed of Markdown guidelines and templates. No executable code, obfuscation, or malicious intent was detected.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted content from the repository being documented and suggests running validation or build commands found within that repository. This is an inherent part of a documentation verification workflow.\n
- Ingestion points: Phase 1 (Discover) in
SKILL.mdandreferences/CORE-CHECKLIST.md(reading repository source files).\n - Boundary markers: Absent; the instructions do not include specific delimiters or warnings to ignore instructions embedded in the target files.\n
- Capability inventory: Phase 4 (Verify) in
SKILL.mdandreferences/CORE-CHECKLIST.mdinvolves executing repository-specific formatting, linting, and build commands.\n - Sanitization: Absent; the skill does not describe a method for validating the safety of commands before execution.\n- [COMMAND_EXECUTION]: The skill instructs the agent to execute commands from the target repository, such as 'Formatting/lint/build checks using repository commands', which could be leveraged if the repository contains malicious scripts in its configuration files.
Audit Metadata