grill-with-docs
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions direct the agent to explore the repository and read existing documentation files, creating a surface for indirect prompt injection (Category 8).
- Ingestion points: The agent is instructed to read CONTEXT.md, CONTEXT-MAP.md, ADR files, and the contents of the src/ directory to challenge terminology and design decisions.
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill to isolate untrusted file content from the agent's instructions.
- Capability inventory: The skill utilizes tools for file system exploration, file reading, and file creation/modification within the project directory.
- Sanitization: The skill lacks explicit sanitization or filtering logic for the content read from the repository.
Audit Metadata