code-documenter
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its core function involves ingesting and analyzing untrusted source code to generate documentation.
- Ingestion points: The agent reads user-supplied source code files during the 'Detect' and 'Analyze' stages of its workflow (SKILL.md).
- Boundary markers: The instructions do not define explicit markers or provide warnings to the agent to disregard instructions embedded in the code comments or strings being documented.
- Capability inventory: The skill focuses on reading file content and generating corresponding documentation structures and reports.
- Sanitization: No sanitization or validation logic is defined to handle potentially malicious instructions inside the input data.
- [SAFE]: The skill follows established industry standards for technical documentation (Microsoft, Google, NumPy styles). All provided code snippets and templates are legitimate development examples.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. Placeholder values like 'YOUR_API_KEY' are used appropriately within documentation templates.
- [EXTERNAL_DOWNLOADS]: Reference files include standard developer instructions for package installation (npm/pip), but the skill itself does not perform automated, unauthorized downloads of external code.
Audit Metadata