readme-generator
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `bash_tool` to run a `find` command to generate a directory tree for project analysis. This is a standard and safe use of the tool for information gathering within the local environment.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes data from untrusted project files to generate a summary.
  - Ingestion points: Project manifests (e.g., `package.json`, `pyproject.toml`) and source code entry points (e.g., `index.js`, `main.py`) are read to gather context as defined in Step 1 of SKILL.md.
  - Boundary markers: The instructions do not provide delimiters or specific 'ignore' directives to prevent the model from following instructions that might be embedded within the content of these files.
  - Capability inventory: The agent has the capability to read project files, list directories via shell commands, and write the final output to a `README.md` file.
  - Sanitization: No explicit sanitization or validation of the ingested file content is performed prior to processing.
Audit Metadata