build-project-docs
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill reads untrusted content from the project's source code and PRD files, creating a surface for indirect prompt injection where malicious instructions in files could influence documentation generation.
- Ingestion points: Reads local project files, directory structures, and git history (SKILL.md, phase-1-explore.md, phase-5-business.md, phase-7-changelog.md).
- Boundary markers: No explicit markers or 'ignore' instructions are used to isolate untrusted content.
- Capability inventory: The skill utilizes Write, Edit, Read, Glob, Grep, and restricted Bash tools.
- Sanitization: No content validation or sanitization of ingested data is performed.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git, find, wc, head, and ls for analyzing repository structure and commit logs (phase-7-changelog.md, phase-8-verify.md). These tools provide visibility into the project's history and filesystem within the repository context.
Audit Metadata