code-documenter
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core functionality involves reading and analyzing untrusted source code provided by users.
- Ingestion points: The agent reads source code files (TypeScript, Python, etc.) across various files to generate documentation summaries and docstrings.
- Boundary markers: There are no explicit delimiters or instructions provided in the skill to treat the source code purely as data or to ignore any natural language instructions that might be embedded within it.
- Capability inventory: The instructions explicitly require the agent to "Test code examples in documentation," which implies code execution capabilities that could be triggered by injected content.
- Sanitization: No sanitization or validation of the ingested code content is performed.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of standard documentation tools and linting packages from official registries (npm, PyPI) such as
pydocstyle,eslint-plugin-jsdoc, andDocusaurus. - [EXTERNAL_DOWNLOADS]: Documentation templates include references to well-known third-party services and content delivery networks (CDNs) including Redocly, jsDelivr, and Algolia for search and interactive portal features.
- [COMMAND_EXECUTION]: The skill provides guidance and examples for executing common CLI-based development workflows, including building documentation sites, running linters, and generating documentation coverage reports.
Audit Metadata