bmad-index-docs

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes the content of arbitrary files within a user-provided directory.
      • Ingestion points: Step 3 (Generate Descriptions) involves the agent reading the actual content of all files in the target folder.
      • Boundary markers: No explicit delimiters or system instructions are provided to the agent to disregard potential commands or role-play instructions embedded within the documents being indexed.
      • Capability inventory: The skill possesses the capability to scan directories, read file data, and write to the local filesystem (index.md).
      • Sanitization: No evidence of sanitization or validation of the content read from files exists before the text is processed by the model for description generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 04:19 PM