grill-with-docs

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill uses standard file manipulation tools to read and update documentation and source code as part of its design review workflow.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the codebase (e.g., CONTEXT.md, source files) and possesses capabilities including Bash execution and file writing. This represents a potential surface for indirect prompt injection if processed files contain malicious instructions. Ingestion points: Reads CONTEXT.md, docs/adr/, and project source files. Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potential instructions within the read data. Capability inventory: Access to Read, Grep, Glob, Bash, Write, and Edit tools. Sanitization: No input validation or sanitization of file content is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — grill-with-docs