ensure-agents-md
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs automated project bootstrapping by creating
AGENTS.mdandCLAUDE.mdfiles. This behavior is transparent, documented, and restricted to the workspace root. - [SAFE]: The skill uses official Adobe documentation and repository links (e.g.,
experienceleague.adobe.com,github.com/adobe/*), which are trusted vendor resources. - [SAFE]: File operations are restricted to reading project configuration (
pom.xml,package.json) and writing new documentation files. It explicitly refuses to overwrite existing files, preventing accidental data loss. - [INDIRECT_PROMPT_INJECTION]: The skill has a minor surface for indirect prompt injection as it ingests untrusted metadata (project names and module lists) from files like
pom.xmland interpolates them into agent-facing instructions (AGENTS.md). - Ingestion points:
pom.xml(<name>,<artifactId>,<modules>) andui.frontend/package.json. - Boundary markers: Absent; the content is placed directly into the generated markdown.
- Capability inventory: Uses
fs.writeto create permanent project documentation that influences future agent behavior. - Sanitization: Includes basic string manipulation (title-casing, prefix stripping) which provides minimal protection against malicious payloads in project metadata.
- [COMMAND_EXECUTION]: While the generated
AGENTS.mdfile contains examples of Maven and npm build commands, the skill itself does not execute these commands; it only documents them for the developer.
Audit Metadata