project-docs-init
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it reads and analyzes existing project source code and configuration files during 'Mode B' (Phase 1B). Malicious instructions or data embedded in the code being analyzed could potentially influence the documentation generation logic or the agent's behavior.
- Ingestion points: Project source directories (
src/,app/,lib/) and configuration files (package.json,setup.py,requirements.txt,pom.xml). - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious embedded content within the source files it reads.
- Capability inventory: The skill utilizes filesystem read/write, directory creation (
mkdir), andgit logcommands. - Sanitization: No specific sanitization or filtering of the content extracted from project files is performed before it is used for documentation generation.
- [COMMAND_EXECUTION]: The skill executes standard system commands such as
ls,find,mkdir, andgit logto perform environmental discovery and manage the documentation folder structure. These commands are used for their intended discovery and organizational purposes and do not involve executing untrusted remote scripts or arbitrary user input.
Audit Metadata