grill-with-docs

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary purpose is to manage project documentation (CONTEXT.md and ADRs) and provide feedback on domain terminology by reading the existing codebase.
  • [PROMPT_INJECTION]: There are no instructions that attempt to bypass safety filters, override agent constraints, or extract system prompts.
  • [DATA_EXFILTRATION]: The skill performs local file system operations (reading and writing documentation) but contains no network requests or attempts to access sensitive system files like SSH keys or environment secrets.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns or dynamic script evaluations were found. It does not install external packages or execute remote binaries.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads from the user's codebase to inform its responses. However, it is limited to documentation and terminology tasks.
  • Ingestion points: Reads files from the src/ directory, CONTEXT.md, and docs/adr/ (SKILL.md).
  • Boundary markers: None explicitly defined in the instructions to separate data from instructions.
  • Capability inventory: Can read files and write to documentation files (CONTEXT.md, ADRs).
  • Sanitization: None specified for codebase content before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 01:14 PM
Security Audit — agent-trust-hub — grill-with-docs