code-tour
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's workflow is centered on repository discovery and documentation generation. It instructs the agent to read project files to verify line numbers and paths before creating JSON-based .tour files.
- [SAFE]: All external URLs provided in the skill instructions and metadata are to well-known, trusted domains belonging to Microsoft and GitHub.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it ingests untrusted data from the repository being analyzed to generate its output. This is considered safe as the agent's capabilities are limited to generating structured documentation. 1. Ingestion points: repository source files and documentation. 2. Boundary markers: absent. 3. Capability inventory: file write (JSON tours). 4. Sanitization: absent.
Audit Metadata