agents-md-improver
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and analyzes untrusted content from repository files (such as AGENTS.md and code_map.md) to generate quality reports and proposed modifications.
- Ingestion points: External data enters the agent context during 'Phase 1: Discovery' and 'Phase 2: Evidence Collection' in
SKILL.md, where the agent reads repository guidance files and manifests (e.g., package.json, Makefile). - Boundary markers: Absent. The instructions do not specify using delimiters or explicit 'ignore' instructions when interpolating the content of discovered files into the prompt.
- Capability inventory: The skill is granted
Edit,Write, and limitedBashcapabilities (git, find) to modify repository files based on its analysis. - Sanitization: Absent. There are no instructions to sanitize or escape the content read from files before processing it.
Audit Metadata