project-index

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed to automate project documentation by performing local file system analysis. It reads source files, project metadata (e.g., package.json, pyproject.toml), and configuration templates to generate structured markdown reports in an .agents/ directory. These operations are consistent with the skill's stated purpose and do not involve network access or sensitive data exfiltration.
  • [COMMAND_EXECUTION]: The skill uses basic shell commands such as ls and mkdir for directory management and verifying the existence of files. These commands are used locally and do not involve user-controlled input that could lead to command injection.
  • [PROMPT_INJECTION]: The instructions and reference files do not contain any patterns attempting to override agent behavior, bypass safety guidelines, or extract system prompts.
  • [SAFE]: The skill processes untrusted input from the codebase, representing an attack surface for indirect prompt injection.
    1. Ingestion points: Reads project files (source code, manifests, READMEs) and the knowledge.md feedback queue.
    2. Boundary markers: Uses structured markdown headers and tables for organization.
    3. Capability inventory: Limited to local directory creation (mkdir), directory listing (ls), and file read/write within the project scope.
    4. Sanitization: Minimal; uses regex and positional parsing for merging feedback but does not strictly sanitize source code content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 06:55 PM
Security Audit — agent-trust-hub — project-index