technical-writer
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill scans project files to generate documentation. It includes specific instructions in
references/roles/researcher.mdto explicitly avoid extracting sensitive information such as SQL column definitions, internal credentials, HTTP client configurations, and test code, focusing only on high-level behavioral facts. - [COMMAND_EXECUTION]: The skill uses the Bash tool for codebase discovery and to verify that research output files are generated correctly using the
wc -ccommand. The usage is restricted to administrative and discovery tasks. - [PROMPT_INJECTION]: The skill processes untrusted content from the codebase being documented. This surface is mitigated by strict extraction rules for the researcher sub-agent and an adversarial review phase where a reviewer sub-agent identifies and corrects quality or safety issues in the generated draft before it is finalized.
Audit Metadata